Access Tokens

The following OAuth2 access tokens are defined for use within the interoperable Green Button Connect My Data (CMD) messages:

    

access_token — allocated by the Data Custodian for individual account authorizations.

This is the normal access token used for accessing individual subscriptions.

    

refresh_token — allocated at the time of an authorization and used to renew an access_token.

When the given OAuth2 access token expires, you may use the refresh_token to obtain a new OAuth2 access token:

  • Obtained:
    During the Customer authorization process.

  • resourceUri:
    https://data.greenbuttonconnect.org/DataCustodian/espi/1_1/resource/Batch/Subscription/{SubscriptionID}

  • authorizationUri:
    https://data.greenbuttonconnect.org/DataCustodian/espi/1_1//resource/Authorization/{authorizationUri}

    

datacustodian_access_token — access token used by trusted administrative accounts.

This access token is allocated through an administrative action by the Data Custodian.

  • Obtained:
    During the Customer authorization process

    

client_access_token — used by Third-Party applications to access bulk or multiple authorization subscriptions.

This access token is allocated at the time the Third Party registers with the Data Custodian and the Data Custodian will be providing Bulk data transfers.

  • Obtained:
    The access token is either “Configured or obtained using the OAuth client_credentials based flow”.

  • resourceUri:
    https://data.greenbuttonconnect.org/DataCustodian/espi/1_1/resource/*

  • authorizationUri:
    https://data.greenbuttonconnect.org/DataCustodian/espi/1_1/resource/Authorization/{authorizationId}

   

upload_access_token — used by Meter Data Management (back-end) systems to upload/import data into a Data Custodian.

This access token is, like the datacustodian_access_token, allocated through an administrative action by the Data Custodian.

    

registration_access_token — reserved for future use in dynamic-registration patterns.

The IETF OAuth2 Dynamic Registration working draft is being used in Green Button dynamic registration.

  • Obtained:
    The access token is obtained using the oauth client_credentials based flow after the Third Party has completed registration.

  • resourceUri:
    https://data.greenbuttonconnect.org/DataCustodian/espi/1_1/resource/Bulk/{bulkId}

  • authorizationUri:
    https://data.greenbuttonconnect.org/DataCustodian/espi/1_1/resource/Authorization/{authorizationId}