DeveloperSkip to main content

  1. Fleet API
  2. Charging

Virtual Keys for Third-Party Applications

Tesla customers can authorize third-party applications to access their account. Even after authorizing a third-party application, some functionality requires an additional layer of security. These functionalities are also restricted based on the granular access granted during the authorization flow. Adding an application's virtual key to a vehicle grants the application the ability to:

  • Receive realtime vehicle data.
  • Execute commands (open trunk, unlock, etc).

How can access be revoked?

The user is always in control. The key can be removed anytime on the Locks screen on the vehicle. Removing access will immediately remove the application's ability to send commands and stream realtime vehicle data.

To revoke these without physical access to the vehicle, third-party app permissions can be modified via the Account Security page.

What is the relationship between virtual key and the access granted during authorization?

The virtual key is an additional layer of security beyond the authorization flow. It ensures the vehicle only communicates with authorized parties. Even with a virtual key on a vehicle, the third-party application will only be able to access the functionality granted during authorization.

How is a virtual key added to a vehicle?

The third-party application will provide a link or QR code which opens the Tesla mobile app. The user can follow the prompts to add the virtual key to their vehicle.

The link will be in the form:

https://www.tesla.com/_ak/<developer-domain>