Security

We understand that keeping your Tesla authentication tokens is the most important job we have. This is why Teslemetry was designed from the very start to be secure by design.

• All user data at rest is encrypted in Google Firestore.
• All Tesla tokens are stored in a restricted collection, not accessible by any user accounts.
• Access tokens are refreshed automatically by a scheduled task, and are delete if they have been revoked.
• Teslemetry uses Tesla OAuth 2 authentication, and does not have any access to your Tesla password or two factor authentication.
• Teslemetry access tokens are validated on every request, and are exchanged for your current Tesla access token.
• HTTPS is required to use Teslemetry services. HTTP connections are blocked and HSTS is enabled.
• It's your responsibility to keep your Teslemetry access tokens secure. You can revoke a Teslemetry Access Token at any time from the Teslemetry console.

Teslemetry accepts no responsibility or liability as a result of using this service.

Security Issues can be reported to [email protected]