When requesting utility data from a customer, you have the option to request specific types of utility data and the period for which you will continue to have access to the customer's data. For example, you can specify a scope to only request historical interval data. Alternatively, you can also specify a scope that requests ongoing access to new bill and interval data for up to 3 years. These options are all defined in the scope string parameter.
The
scope string
in Green Button Connect made up of a list of parameters
(the FB parameter is always required), separated by
semicolons (;):
FB=<FUNCTION_BLOCK_LIST>;<OPTION_NAME>=<OPTION_VALUE>;<OPTION_NAME>=<OPTION_VALUE>...
For example, here's a valid scope string for an authorization url:
FB=4_16_51;HistoryLength=34128000
Here's the scope parameters that can be used in authorization urls:
| Parameter | Format | Default | Description | Example |
|---|---|---|---|---|
FB |
List (Function Block) | [N/A, required] |
[required] The list of data and functionality you are requesting
in the authorization. Separate with underscores (_).
See Function Blocks for a list
of valid function block combinations.
|
FB=4_16_51 |
HistoryLength |
Integer |
63072000 (2 years)
|
How far back you want historical data. If you don't
want historical data, set this to 0.
|
HistoryLength=63072000 |
PreferredAuthEndDate |
Integer | Three years from current time |
A unix timestamp for when you want to automatically
revoke the authorization. If you don't want to set an
automatic end date (e.g. continue until the user revokes),
set this to 0.
|
PreferredAuthEndDate=1403190000 |
AdditionalScope |
List (Additional Scope) |
"" (empty string)
|
A list of additional universal and utility-specific
scope options. Separate with underscores (_).
See Additional Scope for
a list of possible values.
|
AdditionalScope=noedit_meters-all |
You may see some other scope parameters in the final scope string that you aren't able to include in the original authorization url (mostly because they are just informative about certain functionality and not something you are requesting during authorization). Below is a list of these parameters and what they mean:
Here's an example final scope string that includes some of these other parameters:
FB=1_3_4_5_8_13_14_18_19_34_35_39_51;IntervalDuration=900_3600;BlockDuration=daily;HistoryLength=34128000;SubscriptionFrequency=daily;AccountCollection=2
Function Blocks are the various types of data and functionality you can
request during an authorization. To build a function block list in the scope
string, concatenate each function block (sorted lowest to highest) into a
list separated by underscores (_).
NOTE: For the FB list in an authorization url, we only look for a subset of function blocks (4, 16, and 51), so you only have to worry about that subset of options when building your authorization urls (see examples below). However, when you get the full scope string back with your access_token, we will include all the other function blocks that are relevant to your authorization (see the full reference table).
Here's the function blocks that can be used in authorization urls (we ignore other valid function blocks):
| FB | Name | Description |
|---|---|---|
4 |
Interval Metering | Ask for permission to access a customer's anonymous interval data. |
16 |
Usage Summary with Costs | Ask for permission to access a customer's bill data. |
51 |
Core Retail Customer | Ask for permission to access a customer's account details (account number, service address, etc.). |
Here's some example function block lists for authorization urls:
# Everything - Intervals, Usage Summary with Costs (e.g. bills), and Retail Customer (e.g. account details) FB=4_16_51 # Anonymous intervals only FB=4 # Intervals and account details (no bills) FB=4_51
While we only support a specific subset of function blocks in authorization url scope strings, there are many other function blocks that describe various Green Button functionality. During or after an authorization, we try to update the final function block list to include all the data specifics and functionality for that authorization (so you know what to expect).
For reference, here's a table of what each number in the function block list means (use this table if you're parsing the function blocks from the final scope string function block list):
| Function Block | Name |
|---|---|
1 |
Common |
2 |
Download My Data |
3 |
Connect My Data |
4 |
Interval Metering |
5 |
Interval Electricity Metering |
6 |
Demand Electricity Metering |
7 |
Net Metering |
8 |
Forward and Reverse Metering |
9 |
Register Values |
10 |
Gas |
11 |
Water |
12 |
Cost of Interval Data |
13 |
Security and Privacy Classes |
|
|
15 |
Usage Summary |
16 |
Usage Summary with Cost |
17 |
Power Quality Summary |
18 |
Multiple Usage Points |
19 |
Partial Update Data |
27 |
Usage Summary with Demands and Previous Day Attributes |
28 |
Usage Summary Costs for Current Billing Period |
29 |
Temperature Interval Metering |
30 |
Common User Experience (DMD only) |
31 |
Authorization and Authentication w/o Pre-Negotiated Scope |
32 |
Resource Level REST |
33 |
Management REST Services |
34 |
SFTP for Bulk |
35 |
REST for Bulk |
36 |
Third Party Dynamic Registration |
37 |
Query Parameters |
38 |
On Demand Requests |
39 |
PUSH Model |
40 |
Offline Authorization |
41 |
Manage ApplicationInformation Resource |
44 |
Manage Authorization Resource |
|
|
|
|
|
|
49 |
Retail Customer Management REST |
50 |
Retail Customer Resource Level REST |
51 |
Retail Customer Common |
52 |
Retail Customer Download My Data |
53 |
Retail Customer Connect My Data |
54 |
Retail Customer Basic Information |
55 |
Retail Customer Demographic Information |
56 |
Retail Customer Billing Information |
57 |
Retail Customer AccountAgreement Information |
58 |
Retail Customer ServiceLocation Information |
59 |
Retail Customer ServiceSupplier Information |
60 |
Retail Customer Meter Information |
61 |
Retail Customer EndDevice Information |
62 |
Retail Customer ProgramDateIdMappings Information |
64 |
Retail Customer Security and Privacy |
65 |
Retail Customer Authorization and Authentication w/o Pre-Negotiated Scope |
66 |
SFTP for Retail Customer Bulk |
67 |
REST for Retail Customer Bulk |
68 |
Retail Customer Query Parameters |
69 |
Retail Customer PUSH Model |
70 |
Retail Customer Offline Authorization |
Here are some time frequencies you may see in scope strings.
| Named Frequency | Description |
|---|---|
billingPeriod |
Update on or shortly after the billing period. |
daily |
Update once per day (time of day varies based on server load). |
monthly |
Update on or shortly after the start of each month. |
seasonal |
Update on or shortly after the start of each utility season. |
weekly |
Update on or shortly after the start of each week. |
yearly |
Update on or shortly after the start of each year. |
quarterly |
Update on or shortly after the start of each quarter. |
Here are the possible additional scopes you can use in the AdditionalScope parameter:
| Additional Scope | Default | Description | Examples |
|---|---|---|---|
sou-{scope-of-use} |
sou-default
|
This scope lets us know which predefined Scope of Use you would like to disclose to the user during authorization. If not included, your default scope of use is used. |
sou-energyaudit
|
meters-(all|{SAID}) |
None selected (e.g. user has to pick) |
During authorization, the user is asked which utility
services (e.g. meters) they would like the authorize
for data sharing. You can pre-select all the services
(
NOTE: You can only put one SAID per
meters-* parameter, so if you want to pre-select
multiple specific meters, include multiple meters-*
entries in the
AdditionalScope value (e.g.
AdditionalScope=meters-1234567890_meters-2345678901
will pre-select services 1234567890 and 2345678901).
NOTE: Some SAIDs have dashes (
-) in them.
You can safely include the SAID dashes in the meters-* parameter,
and we will interpret everything after the first dash as the SAID.
For example, meters-123456789-0 will pre-select the service
account 123456789-0.
NOTE:
meters-all not only selects
all existing utility services to be shared, but also future services
that are added under the utility account holder's account. This is
useful for when utility customers may get a new service contract for
a meter swap or rate switch, and you don't want to have to go back
re-authorize to get data for the replaced service. If you don't want to ask
for access to future services, list out each service (via using meters-{SAID}_...)
or simply tell the customer to manually select the services they want
to share during authorization.
|
meters-all
meters-1234567890
meters-123456789-0
|
auth-{type}[-{value}] |
Default authentication flow |
If not already authenticated, we will ask the user to prove they are who they say they are (called "authentication"). However, since utility customers often don't have an online account or remember their password, we try to offer multiple ways of authenticating (usually by sending them a one-time-passcode (OTP) and asking them to type it in). In order to streamline the authentication process, you can signal to us a preferred authentication flow to use and optionally specify some user identifier value to pre-fill. That way, in ideal scenarios, all the user has to do is click to receive an OTP and then type that verification code in. Here are the docs for utilities that support this parameter:
NOTE: Authentication flows vary from utility-to-utility
and can change without notice, so while you may request a specific
authentication method (e.g. login using username/password), if the
utility changes their authentication methods, we may ignore this parameter
and the utility uses their default authentication flow.
|
auth-login
auth-phone-5554443333
auth-email-aaa@bbb.com
auth-sso-{id}
auth-utility-{utility_id}
|
noedit |
Scope is editable by user |
Don't allow the customer to modify the scope during the OAuth process. This basically enables a take-it-or-leave-it authorization process. You typically want to use this when you have to have a specific set of data or a specific authorization duration.
NOTE:
noedit doesn't prevent the customer from editing the service selection.
|
noedit
|
As part of our DataGuard compliance for Green Button Connect implementations, we want to encourage transparency by offering the ability for you to provide some specific information to the user on what you intend to do with the data they are sharing (i.e. what is your "scope of use"). That way, the user can be more familiar and comfortable with what you are doing.
By default, the scope-of-use is completely open-ended, and during authorization, the user is told that you haven't disclosed how you'll use the data. If you'd like to change that to be more transparent on how you will used the shared data, you can specify additional scopes of use in your settings. If you have multiple products or business use cases, you can define multiple scopes of use, and then choose which one you want the user to see in the OAuth interface by including it to your scope string AdditionalScope parameters.
For example, if you are only going to use the shared data for an energy audit, you can add an energy audit scope-of-use in your settings:
energyaudit
Then, you can specify that scope-of-use in your AdditionalScope parameter:
FB=4_16_51...;AdditionalScope=sou-energyaudit...
The user will see the description and link for your energyaudit
scope-of-use on the OAuth authorization page, and it will be logged in their
authorization receipt that we send them when they authorize.