- Generate OAuth2 access_token and refresh_token
To generate an access token, send a POST request to https://api.enphaseenergy.com/oauth/token with the following parameters:
URL: https://api.enphaseenergy.com/oauth/token
grant_type: ‘authorization_code’
redirect_uri: It must be the same URI that was sent to HO. In this example, it is ‘https://api.enphaseenergy.com/oauth/redirect_uri’
code: Code generated after HO approval. In this example, it is ‘2TJk7M’.
The client id and client secret of the client application must be sent in the Basic authorization header as base64encoded(“client_id:client_secret”). For example, if your client_id is “abcd” and client_secret is “uvwxyz”, then base64_encoded(“abcd:uvwxyz”) is ‘YWJjZDp1dnd4eXo=’ and the value for the basic authorization header is ‘Basic YWJjZDp1dnd4eXo=’.
An access_token will be generated and the user can start making API requests using the access_token and API key of the application. For more details, please refer to the sample request and response given below.
The validity of access_token is ‘1 day’ and of refresh_token is ‘1 week’ for applications under Watt/ Kilowatt/ Megawatt Plan.
Sample Request (cURL)
curl --location --request POST 'https://api.enphaseenergy.com/oauth/token?grant_type=authorization_code&redirect_uri=https://api.enphaseenergy.com/oauth/redirect_uri&code=2TJk7M' \
  --header 'Authorization: Basic ZjJhNDc5ZjNjNjA2N2YwZDk1MTdjYWRhZTdmMDBiNDc6NTAzNWNhNjRjMTNmNzkzYTdjMWJjYTQzNTU5MWQ1ZWE='
Sample Response
{ "access_token": "unique access token", "token_type": "bearer", "refresh_token": "unique refresh token", "expires_in": 86393, "scope": "read write", "enl_uid": "217231", "enl_cid": "5", "enl_password_last_changed": "1638870641", "is_internal_app": false, "app_type": "system", "jti": "1ee68d30-3e79-4347-b7ea-a5851f6f15db" }
- Making an API request
The user can start making API requests using the generated access_token and the api_key of the application.
Sample Request (HTTP)
GET /api/v4/systems/{system_id}/summary?key=b2b2fd806ed13efb463691b436957798 HTTP/1.1
Host: api.enphaseenergy.com
Authorization: Bearer unique_access_token
Sample Response
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Status: 200

{"system_id":67,"modules":35,"size_w":6270,"current_power":271,"energy_today":30030,"energy_lifetime":59847036,"summary_date":"2015-03-04","source":"microinverters","status":"normal","operational_at":1201362300,"last_report_at":1425517225}
- Generate new access_token and refresh_token using refresh_token
If the access_token expires, a new access token can be generated using the Client ID, Client Secret, and refresh_token. Along with the new access token, a new refresh token is also generated.
To generate a new access token, send a POST request to https://api.enphaseenergy.com/oauth/token with grant_type = refresh_token and refresh_token = ‘Application’s refresh_token’ as query parameters. Additionally, the client id and client secret of your application must be sent in the basic authorization header in base64-encoded format. For example, if your client_id is ‘abcd’ and client_secret is ‘uvwxyz’, then base64_encoded(abcd:uvwxyz) is ‘YWJjZDp1dnd4eXo=’ and the value for the basic authorization header is ‘Basic YWJjZDp1dnd4eXo=’. For more details, please refer to the sample request and response given below.
Sample Request (cURL)
curl --location --request POST 'https://api.enphaseenergy.com/oauth/token?grant_type=refresh_token&refresh_token=unique_refresh_token' \
  --header 'Authorization: Basic ZjJhNDc5ZjNjNjA2N2YwZDk1MTdjYWRhZTdmMDBiNDc6NTAzNWNhNjRjMTNmNzkzYTdjMWJjYTQzNTU5MWQ1ZWE='
Sample Response
{ "access_token": "unique access token", "token_type": "bearer", "refresh_token": "unique refresh token", "expires_in": 86393, "scope": "read write", "enl_uid": "217231", "enl_cid": "5", "enl_password_last_changed": "1638870641", "is_internal_app": false, "app_type": "system", "jti": "1ee68d30-3e79-4347-b7ea-a5851f6f15db" }
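The token generation and refresh steps above, as an added Python example that is not part of the original page or Enphase's own code: it builds both token requests without sending them and tracks expiry so the stored pair is replaced whenever a new one is issued. TokenStore, the 60-second skew and the sample token values are assumptions made for illustration.

```python
import base64
import json
import time
from urllib.parse import urlencode

TOKEN_PATH = "/oauth/token"  # on api.enphaseenergy.com, as given on this page

def basic_auth(client_id, client_secret):
    """Authorization header value: 'Basic ' + base64("client_id:client_secret")."""
    raw = f"{client_id}:{client_secret}".encode()
    return "Basic " + base64.b64encode(raw).decode()

def token_request(client_id, client_secret, **params):
    """Build (method, path, headers) for a token POST; nothing is sent here.
    Parameters go in the query string as documented, percent-encoded."""
    headers = {"Authorization": basic_auth(client_id, client_secret)}
    return "POST", TOKEN_PATH + "?" + urlencode(params), headers

class TokenStore:
    """Hypothetical helper: holds the current token pair and its expiry."""

    def __init__(self, skew=60):
        self.skew = skew  # assumed safety margin (seconds) before expiry
        self.access = self.refresh = None
        self.expires_at = 0.0

    def update(self, body, now=None):
        """Parse a token response; it replaces BOTH stored tokens."""
        data = json.loads(body)
        if data.get("token_type", "").lower() != "bearer":
            raise ValueError("unexpected token_type")
        now = time.time() if now is None else now
        self.access, self.refresh = data["access_token"], data["refresh_token"]
        self.expires_at = now + int(data["expires_in"])

    def needs_refresh(self, now=None):
        now = time.time() if now is None else now
        return self.access is None or now >= self.expires_at - self.skew

    def refresh_request(self, client_id, client_secret):
        return token_request(client_id, client_secret,
                             grant_type="refresh_token", refresh_token=self.refresh)

    def api_headers(self):
        return {"Authorization": f"Bearer {self.access}"}

# Constructed sample response, shaped like the one on this page.
SAMPLE = '{"access_token": "at-1", "token_type": "bearer", "refresh_token": "rt-1", "expires_in": 86393}'
```

To send a built request, pass the tuple to `http.client.HTTPSConnection("api.enphaseenergy.com").request(method, path, headers=headers)` and feed the response body to `TokenStore.update`.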
Authentication and Authorization flow for a partner application
Partner API follows OAuth 2.0 for authorization. Each API request must include an OAuth 2.0 access token along with the API key of your application.
The below flow chart details the authorization and authentication flow for a partner application: