Authentication

How to access the DIMO APIs

DIMO Check-in

🛎️ Developers use this space to learn about getting access to DIMO. The requirements listed gets your foot in the door before getting to the data.

API Authentication

Requirements

Developer Notes

Developers need to be registered with DIMO by providing your preferred client_id and domain(aka redirect_uri). Please reach out to us on Discord for this or contact us directly (select Partnership enquiry type).

  1. Registered client_id and domain

  2. For developers that wish to implement your own wallet-based authentication flow, you will need:

    • An Ethereum address for your wallet (a 64 character hex string generated subject to various rules defined in the Ethereum Yellow Paper). This is the public_key of your wallet.

    • The private_key of your wallet. To obtain the private_key of your wallet, please follow the Developer FAQ.

  3. For developers that wish to utilize Login to DIMO - a connected Google/Apple/Web3 auth service provided by DIMO, you can skip to theCode Exchange Flow section directly.

Developer Notes

  1. The private_key allows you to validate your sign in to your 0xA wallet, so you'll get to see what 0xA has access to on the blockchain. This is similar to an API private key or a client secret that is required to sign a request.

  2. In our documentation, lock signs such as 🔐indicates that the API operation is secured by an access_token obtained in this section while 🔏 indicates that the API operation is secured by a 2nd privilege JWT.

  3. If you are looking to skip building a web3 wallet integration, you may use the Code Exchange Flow but do note that your logged in users will be bounded to a 1-to-1 relationship (1 user 1 wallet). If you are building a product that requires 1-to-many relationship (1 user multiple wallets), you should implement your own wallet integration.


DIMO GraphQL Authentication

The Identity API offers a GraphQL implementation on public on-chain DIMO data, therefore, requires no authentication.

However, the Telemetry API accesses private vehicle data, therefore, requires the 2nd Privilege Token.

Last updated