MyCarTracks API v3 integration

MyCarTracks_support · April 16, 2026, 8:29am

MyCarTracks API v3 lets you connect your own software to MyCarTracks data. Use it for dashboards, CRM or ERP integrations, dispatch tools, reporting, exports, automation scripts, AI-agent workflows, and live vehicle position dashboards.

API v3 uses OAuth2 client credentials and bearer-token authentication. The old API v1 apiKey=API_KEY query parameter style is deprecated and should not be used for new integrations.

Quick links

API v3 documentation: MyCarTracks API v3
OpenAPI JSON: https://mycartracks.com/services/rest/openapi.json
API settings: Log in to your vehicle tracking platform MyCarTracks
Base URL: https://mycartracks.com/services/rest/v3

What you can access

Use API v3 to work with:

Vehicles and vehicle groups.
Tracks, trackpoints, and reports.
Users, drivers, and teams.
Jobs, geofences, and map sharing links.
Vehicle last positions and live position streams.

The exact request parameters and response fields are documented in the API v3 documentation.

Create API credentials

To create or manage API credentials:

Log in to your MyCarTracks web account.
Open Settings from the menu with your profile image or initials.
Select API in the settings menu.
Generate API credentials if you do not have them yet.
Save the settings.

Keep your Client ID and Client Secret private. Do not put them in public repositories, screenshots, browser logs, shared chat logs, or public AI-agent prompts.

Get an access token

Use your Client ID and Client Secret to request an OAuth2 bearer token:

curl -X POST "https://mycartracks.com/oauth/token" \
  -u "CLIENT_ID:CLIENT_SECRET" \
  -d "grant_type=client_credentials" \
  -d "scope=read"

Use read for read-only integrations. Use read write only when your credentials are allowed to create, update, or delete data.

The response contains an access token. Send it with API requests:

curl "https://mycartracks.com/services/rest/v3/vehicles?limit=10" \
  -H "Authorization: Bearer ACCESS_TOKEN"

When the access token expires, request a new token with the same Client ID and Client Secret.

Try requests in the documentation

The API documentation is the easiest place to test an endpoint before implementing it in code:

Open MyCarTracks API v3
Open the authentication or authorize panel.
Enter your API v3 Client ID and Client Secret.
Authorize with the scope your test needs.
Open an endpoint and run a test request.

Use this to confirm required parameters, response fields, scopes, and error responses.

Common API requests

List vehicles:

curl "https://mycartracks.com/services/rest/v3/vehicles?limit=10" \
  -H "Authorization: Bearer ACCESS_TOKEN"

List tracks:

curl "https://mycartracks.com/services/rest/v3/tracks2?limit=10" \
  -H "Authorization: Bearer ACCESS_TOKEN"

Get one track:

curl "https://mycartracks.com/services/rest/v3/tracks/TRACK_ID" \
  -H "Authorization: Bearer ACCESS_TOKEN"

Get trackpoints for one track:

curl "https://mycartracks.com/services/rest/v3/trackpoints/TRACK_ID?limit=500" \
  -H "Authorization: Bearer ACCESS_TOKEN"

List vehicle last positions:

curl "https://mycartracks.com/services/rest/v3/vehicles/lastPositions?limit=50" \
  -H "Authorization: Bearer ACCESS_TOKEN"

Useful endpoints

Use case	Endpoint
List vehicles	`GET /vehicles`
List tracks	`GET /tracks2`
Get one track	`GET /tracks/{trackId}`
Get trackpoints	`GET /trackpoints/{trackId}`
List vehicle last positions	`GET /vehicles/lastPositions`
Create live position stream	`POST /vehicles/livePositions/stream`

Use the API documentation to confirm the current URL, parameters, and response model before using an endpoint in production.

Pagination and fields

Most list endpoints support pagination:

offset - zero-based row offset. The first page is 0.
limit - page size.

Some endpoints also support:

sort - sort by supported fields.
fields - return only selected fields.

Example:

curl "https://mycartracks.com/services/rest/v3/vehicles?offset=0&limit=25&fields=id,name" \
  -H "Authorization: Bearer ACCESS_TOKEN"

The enhanced tracks endpoint supports deterministic pagination and optional total count:

curl "https://mycartracks.com/services/rest/v3/tracks2?offset=0&limit=100&includeTotal=true" \
  -H "Authorization: Bearer ACCESS_TOKEN"

Rate limits

MyCarTracks returns rate-limit information in response headers:

X-Rate-Limit-Limit - allowed requests in the current time window.
X-Rate-Limit-Remaining - requests left in the current time window.
X-Rate-Limit-Reset - seconds left until the current time window resets.

Check the headers with curl -i:

curl -i "https://mycartracks.com/services/rest/v3/vehicles?limit=1" \
  -H "Authorization: Bearer ACCESS_TOKEN"

Example headers:

X-Rate-Limit-Limit: 150
X-Rate-Limit-Remaining: 149
X-Rate-Limit-Reset: 900

The default limit is 150 requests per 15-minute window. Your account or credentials may have a different limit, so read the headers returned by the API.

If the limit is exceeded, slow down requests and retry after the reset window. Avoid repeated immediate retries.

Command-line access

If you prefer terminal access, use the official MyCarTracks CLI configuration:

The CLI uses Restish and the same API v3 OpenAPI document. It is useful for quick tests, exports, automation, and AI-agent workflows.

Live position dashboards

For modern live vehicle maps, use the live position WebSocket API. The recommended flow is:

Call GET /vehicles/lastPositions for the initial map markers.
Call POST /vehicles/livePositions/stream to create a stream.
Connect to the returned websocketUrl.
Update markers from WebSocket events.

Read more: Live vehicle position WebSocket API

Recommended integration workflow

Create API v3 credentials in MyCarTracks settings.
Test your request in the API v3 documentation.
Request an OAuth2 access token with the smallest required scope.
Implement requests with bearer-token authentication.
Add pagination where list endpoints can return many records.
Read X-Rate-Limit-* headers on every response.
Add retries with backoff for temporary errors.
Keep Client Secrets out of logs and public code.

Error handling

Your integration should handle common HTTP statuses:

400 - request parameters are invalid.
401 - token is missing, invalid, or expired.
403 - credentials do not have permission, or rate limit was exceeded.
404 - resource was not found or is not available to the authenticated account.
5xx - temporary service or infrastructure error.

For 401, request a new token and retry once. For 403, check scopes, permissions, and rate-limit headers before retrying.

Support

If you need an endpoint that is not available yet, or if you have questions about authentication, scopes, limits, or integration design, contact us:

support@mycartracks.com

Useful links:

API v3 documentation: MyCarTracks API v3
OpenAPI JSON: https://mycartracks.com/services/rest/openapi.json
API settings: Log in to your vehicle tracking platform MyCarTracks
MyCarTracks CLI: MyCarTracks CLI
Live vehicle position WebSocket API: Live vehicle position WebSocket API

Source: MyCarTracks API v3 integration