The Ambi Climate API is built using REST design principles and utilizes OAuth2 for security. This documentation will cover how to access resources on the API. If you are unfamiliar with REST or OAuth, we recommend that you do some research before proceeding. Here is a link introducing the main concepts and protocol of OAuth from Digital Ocean:

An Introduction to OAuth2

API Root Endpoint


Rate Limiting

The rate limiting is based on either per-user or per-OAuth-client. For example, assuming the rate limit is 20, the rate limit window is 10 minutes, the last rate limit window ends 10:30 AM, and you make a new request at 10:35 AM.


You can make 20 requests from 10:35 AM to 10:45 AM.


Each of your OAuth clients can make 20 requests from 10:35 AM to 10:45 AM.

If the access exceeds the limit, the server will return 429 HTTP status code.

Standard API rate limits per window

The following table shows the settings for each endpoint.



20 access within 600 seconds. Per-user.



10 access within 600 seconds. Per-OAuth-client.

This limit is shared by both token creation and refresh.

OAuth Grant Types

At this time the Ambi API only provides access tokens through the "authorization code grant".


Access to the API requires a valid access token that can be obtained through OAuth2 security protocol.

You can visit our Quick Start guide to quickly get an access token.

You can use the access token in one of two ways:

URL Parameter



Insert your acess token here

              curl "https://api.ambiclimate.com/example/endpoint" \
-d "access_token=12XXXK84si5rOfmiHuNKH4BlSRIqQd" \




Prefix your access token with the keyword "Bearer" followed by a space and your access token

              curl "https://api.ambiclimate.com/example/endpoint" \
-H "Authorization: Bearer 12XXXK84si5rOfmiHuNKH4BlSRIqQd" \