Tibber LogoData API

Quick start

Get up and running with the Data API fast

This path gets you to your first successful request in minutes.

Create an OAuth2 client

Open the management UI at Manage clients. Create a client:

  • Name: something you recognize
  • Redirect URI: one or more secure HTTPS URIs you control (localhost with http:// is fine for local dev and fairly customary)
  • Scopes: pick at least the device categories you need (see Scopes)

Copy the generated client id and secret (secret is shown only once).

Run an Authorization Code Flow

High level:

  1. Send the user to the authorization endpoint (they log in and consent)
  2. Receive an authorization code at your redirect URI
  3. Exchange the code for tokens (access + refresh)
  4. Use the access token in API requests, refresh when it expires

Optionally add PKCE for extra protection; see PKCE.

You can test manually first.

Authorization request

GET https://thewall.tibber.com/connect/authorize?response_type=code \
  &client_id=YOUR_CLIENT_ID \
  &redirect_uri=YOUR_ENCODED_REDIRECT_URI \
  &scope=openid%20profile%20email%20offline_access%20data-api-user-read%20data-api-homes-read \
  &state=opaqueState

If you use PKCE, append &code_challenge=...&code_challenge_method=S256.

Token exchange:

POST https://thewall.tibber.com/connect/token
Content-Type: application/x-www-form-urlencoded

grant_type=authorization_code \
  &code=AUTH_CODE \
  &redirect_uri=YOUR_REDIRECT_URI \
  &client_id=YOUR_CLIENT_ID \
  &client_secret=YOUR_CLIENT_SECRET

If you used PKCE, also include code_verifier=ORIGINAL_VERIFIER.

Response (trimmed):

{
    "access_token": "...",
    "refresh_token": "...",
    "expires_in": 3600,
    "token_type": "Bearer"
}

Call the API

List homes:

curl -H "Authorization: Bearer $ACCESS_TOKEN" \
https://data-api.tibber.com/v1/homes

Pick a home id, then list devices:

curl -H "Authorization: Bearer $ACCESS_TOKEN" \
https://data-api.tibber.com/v1/homes/HOME_ID/devices

Fetch device details:

curl -H "Authorization: Bearer $ACCESS_TOKEN" \
https://data-api.tibber.com/v1/homes/HOME_ID/devices/DEVICE_ID

Refreshing tokens

Before expiry, or upon 401 Unauthorized, swap the refresh token:

POST https://thewall.tibber.com/connect/token
Content-Type: application/x-www-form-urlencoded

grant_type=refresh_token \
  &refresh_token=OLD_REFRESH \
  &client_id=CLIENT_ID \
  &client_secret=CLIENT_SECRET

Data API overview

What is the Tibber Data API and what can it do for me?

Authentication

How to authenticate with the Data API

On this page

Create an OAuth2 clientRun an Authorization Code FlowCall the APIRefreshing tokensRecommended next reads