Obtaining Customer Authorization
Derapi Join
The approach to issuing vendor API credentials and enrolling end-customer devices varies between DER vendors. This section contains summarized instructions on how to get credentials for each vendor and associate customer-owned devices with your credentials. Each vendor is marked with whether end-customer enrollment is via OAuth or a custom authorization scheme.
Derapi recommends using Derapi Join for end-customer authorization. Join is the client-side component that your end-customer will use to authorize their DERs. Join allows you, the application developer, to embed a simple, intuitive UI in your customer experience to capture end-customer authorization.
Integrate Join with your website
To integrate Derapi Join into your website, simply follow the instructions below.
Add this script tag to your HTML
<script src="https://raw.githubusercontent.com/derapi/derapi/main/join/derapi-join.js"></script>
Join requires a Join session to be created. A POST request to https://api.derapi.com/join/session/start will return a session_id. Once the session ID token is created, pass it into the JS function derapi.createJoin() like this:
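import derapi from "https://raw.githubusercontent.com/derapi/derapi/main/join/derapi-join.js";

// Called after the end-customer completes authorization in the Join UI.
const onSuccess = () => {
  alert('success!');
};

// Called when the Join UI is closed.
const onClose = () => {
  alert('closed');
};

// sessionToken is the session_id returned by the session/start request;
// sessionToken and derapiToken must both be defined before this call.
const join = derapi.createJoin(sessionToken, onSuccess, onClose, derapiToken);
join.open();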
Here is a sample .html file to help you get started.
Once the end-customer has authenticated and you receive the onSuccess() callback, simply call https://api.derapi.com/join/session/{session_id}/fetch-token to retrieve the public token that can be used to access the end-customer's system.
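The two Join API calls described above, as an added example (not Derapi's code) that takes an injectable fetch so it can run against a stub. The endpoints come from this page; the bearer Authorization header, the GET method for fetch-token and the accepted session_id character set are assumptions.

```javascript
// Added example, not Derapi's code. Endpoints are from the page; the bearer
// Authorization header, the GET method for fetch-token and the session_id
// character set are assumptions.
const API_BASE = "https://api.derapi.com";

// Assumed format: reject anything that could alter the URL path.
function assertSessionId(sessionId) {
  if (typeof sessionId !== "string" || !/^[A-Za-z0-9_-]{1,128}$/.test(sessionId)) {
    throw new Error("unexpected session_id format");
  }
  return sessionId;
}

function startSessionRequest(apiToken) {
  return {
    url: `${API_BASE}/join/session/start`,
    init: { method: "POST", headers: { Authorization: `Bearer ${apiToken}` } },
  };
}

function fetchTokenRequest(sessionId, apiToken) {
  return {
    url: `${API_BASE}/join/session/${assertSessionId(sessionId)}/fetch-token`,
    init: { method: "GET", headers: { Authorization: `Bearer ${apiToken}` } },
  };
}

// Sends a request with the injected fetch and fails closed on non-2xx.
async function send(fetchImpl, { url, init }) {
  const res = await fetchImpl(url, init);
  if (!res.ok) throw new Error(`Derapi request failed: HTTP ${res.status}`);
  return res.json();
}

// Step 1 (before join.open()): create the session and validate its id.
async function startJoinSession(fetchImpl, apiToken) {
  const body = await send(fetchImpl, startSessionRequest(apiToken));
  return assertSessionId(body.session_id);
}

// Step 2 (after onSuccess): exchange the session for the token response.
async function fetchJoinToken(fetchImpl, sessionId, apiToken) {
  return send(fetchImpl, fetchTokenRequest(sessionId, apiToken));
}
```

Pass the platform's fetch as fetchImpl in production. The parsed fetch-token response is returned as-is because this page does not describe its fields.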
Vendor Credentials
This section outlines per-vendor requirements to enroll customer devices.
Tesla
Requires an account to enroll customer devices. Create a Tesla API account by following these instructions.
Join will return an access_token and refresh_token. Tesla third party refresh tokens expire after 3 months. Use the per-system access_token when making requests.
Solis
Solis does not require developers to create an account to enroll devices.
Solis uses a custom authorization system using API ID and Key for each Solis portal account. Join will return these credentials and they should be included in Derapi API requests.
SMA
SMA requires an account to enroll customers. To create an SMA API account, contact SMA and request credentials for the SMA Code Grant Flow.
Join will return an access_token and refresh_token. Use the per-system access_token when making requests.
SolarEdge
SolarEdge does not require developers to create an account to enroll devices.
SolarEdge uses a custom authorization system using an API Key. This key is retrieved from the SolarEdge Monitoring Portal. Join will return these credentials and they should be included in Derapi API requests.
Enphase Monitoring
Enphase requires an account to enroll customers and offers two options for enrolling and authorizing customer systems:
- If you are an Installer then follow the Enphase instructions to set up a Partner plan account.
- If you are an Application Developer then follow the Enphase instructions to set up a Developer account.
Installer / Partner account
Follow Enphase instructions to get an access_token and API Key. Use these credentials when making requests.
Developer account
Join will return an access_token and refresh_token. Use the per-system access_token and API Key when making requests. Please note that Enphase access tokens expire after 1 day and refresh tokens expire after 1 month.
Enphase Grid Services
Enphase Grid Services requires a distinct authorization from that of Enphase monitoring. Enphase Grid Services offers OAuth2 for enrolling customers. Upon request, Derapi will activate your Enphase Grid Services account and provide the required credentials.
Derapi Join is required to enroll customers for Enphase Grid Services. Derapi will provide Enphase Grid Service credentials for use with Join and making API calls.
Implement Your Own Customer Authorization
If you prefer to implement end-customer authorization yourself, please continue reading this section.
Tesla
Tesla offers OAuth2 for enrolling customer systems for API access. Follow the Tesla Third Party Tokens instructions to set up OAuth for customers to authorize your application.
Be sure to request the following scopes: openid, energy_device_data, and offline_access. Tesla third party refresh tokens expire after 3 months.
Solis
If you are using a single Solis portal account to make API requests then follow the instructions to add all your customer systems. This is referred to as "Add Plant" in the Solis documentation. Alternatively, you can collect API ID/Keys from your customers and use those to make API requests.
SMA
SMA offers OAuth2 for enrolling customer systems for API access. Follow the SMA Code Grant Flow instructions to set up OAuth for customers to authorize your application.
Derapi recommends using SMA’s offline_token option to acquire a refresh token that does not expire.
SolarEdge
If you are using a single SolarEdge monitoring portal account to make API requests then follow the instructions to add all your customer systems. This is referred to as "Add Inverter or Gateway" in the SolarEdge documentation. Alternatively, you can collect API Keys from your customers and use those to make API requests.
Enphase Monitoring
If you are an Application Developer, follow these steps to create a Developer Account and get an access token. Please note that Enphase access tokens expire after 1 day and refresh tokens expire after 1 month. Your application should refresh the refresh token before it expires to avoid having to ask customers to manually reauthorize.
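One way to schedule the refreshes described above, using the Tesla, Enphase and SMA token lifetimes stated on this page (an added example, not Derapi or vendor code). The record field names, the 7-day and 1-hour safety margins, and treating 1 month and 3 months as 30 and 90 days are assumptions.

```javascript
// Added example, not Derapi or vendor code. Lifetimes are the ones stated on
// this page; "1 month" / "3 months" are approximated as 30 / 90 days.
const HOUR_MS = 60 * 60 * 1000;
const DAY_MS = 24 * HOUR_MS;

// null = no lifetime given on the page (Tesla access token) or no expiry
// (SMA refresh token obtained with the offline_token option).
const LIFETIMES = {
  tesla: { accessDays: null, refreshDays: 90 },
  enphase: { accessDays: 1, refreshDays: 30 },
  sma: { accessDays: null, refreshDays: null },
};

function expiresAt(issuedAtMs, days) {
  return days === null ? Infinity : issuedAtMs + days * DAY_MS;
}

// Record fields (vendor, accessIssuedAt, refreshIssuedAt) are hypothetical
// names for what a credential store keeps; timestamps are epoch milliseconds.
function planTokenAction(record, nowMs, refreshMarginDays = 7) {
  if (!Object.prototype.hasOwnProperty.call(LIFETIMES, record.vendor)) {
    throw new Error(`no lifetime policy for vendor: ${record.vendor}`);
  }
  const policy = LIFETIMES[record.vendor];
  const refreshExpiry = expiresAt(record.refreshIssuedAt, policy.refreshDays);
  const accessExpiry = expiresAt(record.accessIssuedAt, policy.accessDays);
  // Refresh token already expired: only the customer can re-authorize.
  if (nowMs >= refreshExpiry) return "reauthorize";
  // Inside the safety margin: obtain a new refresh token now.
  if (nowMs >= refreshExpiry - refreshMarginDays * DAY_MS) return "rotate_refresh_token";
  // Access token expired or within one hour of expiry.
  if (nowMs >= accessExpiry - HOUR_MS) return "refresh_access_token";
  return "ok";
}

// Returns only the records that need work, for a periodic job to act on.
function planAll(records, nowMs) {
  return records
    .map((r) => ({ id: r.id, action: planTokenAction(r, nowMs) }))
    .filter((p) => p.action !== "ok");
}

// Constructed sample records.
const NOW = Date.UTC(2024, 5, 30);
const SAMPLE = [
  { id: "enphase-a", vendor: "enphase", accessIssuedAt: NOW - 2 * HOUR_MS, refreshIssuedAt: NOW - 25 * DAY_MS },
  { id: "enphase-b", vendor: "enphase", accessIssuedAt: NOW - 23.5 * HOUR_MS, refreshIssuedAt: NOW - 2 * DAY_MS },
  { id: "tesla-a", vendor: "tesla", accessIssuedAt: NOW - DAY_MS, refreshIssuedAt: NOW - 91 * DAY_MS },
  { id: "sma-a", vendor: "sma", accessIssuedAt: NOW - DAY_MS, refreshIssuedAt: NOW - 400 * DAY_MS },
];
console.log(planAll(SAMPLE, NOW));
```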
Enphase Grid Services
Derapi Join is required to enroll customers for Enphase Grid Services.