Authorization Overview

The Nest API provides information that you can use to build home experiences. The information is ultimately owned by users, and users can explicitly choose to share this information with Works with Nest products.

The purpose of authorization is to give your customers a secure means to grant access to their Nest device data.

The flow looks like this:

[Figure: Authorization overview]

Product site or app before authorization

In your product site or app, you can provide a way for customers to give your product access to their Nest device data. To do this, create a button or other UI element to initiate the OAuth flow.

When you build user authorization into your app, you can either:

  • use an external browser to authorize an app
  • use a new page to authorize a web app

For further design guidance, see the Nest design policies.

iFrames

iFrames present information, either embedded into a web page or as a webview in a native app. The OAuth flow does not support embedding in iFrames.

Nest login

If the user is not already logged in, we prompt the user to log in.

Connection notification (non-owner only)

If the user is a member of a family account and does not own all of the structures in the account, a connection notification appears after login. This notification lists the structures for which the user can authorize your Works with Nest product.

If the user is the account owner, the connection notification does not appear, and the permissions page displays immediately after login.

For more information, see Family Accounts.

User authorization

Nest permissions

We'll prompt the user to grant access to your product. This page displays the permissions and descriptions you entered when you created your client.

For more information, see the Permissions Overview.

[Figure: User authorization]

Product site or app after authorization

After your customer authorizes your Works with Nest product, we'll send an authorization code that your product can exchange for an access token. Your Works with Nest product can then send the access token with API calls to access Nest data.

Your customers can revoke access at any time, which will prevent your Works with Nest product from making further requests for the customer's device data.

To learn how to set up an authorization flow for a user and obtain an access token, see Authentication and Authorization with OAuth 2.0.
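
The product-side handling of the flow described above, as an added example that is not part of the original documentation: it starts the authorization, validates the redirect that carries the authorization code, and builds the server-side code-for-token exchange. The endpoint URLs, client credentials, function names and the use of the standard OAuth 2.0 `state` parameter are assumptions; take the real values from your client settings and the OAuth 2.0 guide.

```python
import hmac
import secrets
from urllib.parse import parse_qs, urlencode, urlsplit
from urllib.request import Request

# Placeholders (assumptions, not real Nest values).
AUTHORIZE_URL = "https://auth.example.invalid/oauth2/authorize"
TOKEN_URL = "https://auth.example.invalid/oauth2/access_token"
CLIENT_ID = "example-client-id"
CLIENT_SECRET = "example-client-secret"  # keep server-side, never ship in an app


def begin_authorization(session: dict) -> str:
    """Return the URL to open in an external browser or a new page."""
    state = secrets.token_urlsafe(32)  # unguessable, bound to this user session
    session["oauth_state"] = state
    query = urlencode(
        {"response_type": "code", "client_id": CLIENT_ID, "state": state})
    return AUTHORIZE_URL + "?" + query


def handle_callback(session: dict, callback_url: str) -> str:
    """Validate the redirect and return the authorization code."""
    params = parse_qs(urlsplit(callback_url).query)
    expected = session.pop("oauth_state", None)  # single use: blocks replay
    received = params.get("state", [""])[0]
    if expected is None or not hmac.compare_digest(
            expected.encode(), received.encode()):
        raise ValueError("state mismatch: callback not tied to this session")
    if "error" in params or "code" not in params:
        raise ValueError("authorization was denied or failed")
    return params["code"][0]


def build_token_request(code: str) -> Request:
    """Build (but do not send) the code-for-token exchange request."""
    body = urlencode({
        "grant_type": "authorization_code",
        "code": code,
        "client_id": CLIENT_ID,
        "client_secret": CLIENT_SECRET,
    }).encode()
    return Request(TOKEN_URL, data=body, method="POST", headers={
        "Content-Type": "application/x-www-form-urlencoded"})
```

Store the resulting access token server-side and treat a rejected API call as a possible revocation by the customer rather than retrying indefinitely.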