Consumer Rights Wiki

BMW API restrictions

Revision as of 22:09, 4 September 2025 by Louis (talk | contribs) (created draft)

Background

BMW ConnectedDrive is a subscription-based service that provides remote access to BMW vehicles through mobile applications & APIs, with tiers ranging from $50 to $150 per year after a free 3-year period.[1] The service enables features such as remote climate control, vehicle location tracking, & electric car charging management through BMW's official mobile applications.[2]

Home Assistant is an open-source home automation platform that allows users to integrate various smart home devices & services, including vehicle data through manufacturer APIs. According to discussions on the BMW i4 Forum, many BMW electric car users use this integration to optimize charging based on solar panel production, time-of-use electricity rates, & home energy management systems.[3] The integration was highly valued by users who paid for BMW's ConnectedDrive subscriptions & expected to maintain API access for their automation needs.

Incident

According to user reports documented in GitHub issue #149750, BMW began notifying users through its Android application in July 2025 about upcoming changes to charge control APIs.[4] The notifications stated the following:

"to ensure the security of your personal data, and to better protect your vehicle, the option of allowing third-party providers to control your vehicle charging will be limited from September."[5]

On August 30, 2025, BMW implemented strict API rate limiting that affected third-party applications. According to GitHub issue #151500, error logs showed HTTP 403 Forbidden responses with messages indicating "Out of call volume quota. Quota will be replenished in 00:49:03."[6] Users reported that the quota appeared to be limited to approximately 100 API calls per 24-hour period, far below the polling requirements of home automation systems.[7]

Between September 1 and September 3, 2025, the Home Assistant community attempted various technical workarounds. According to discussions on the BMW i4 Forum, initial user-agent spoofing proved temporarily successful, with users reporting that mimicking official BMW app signatures allowed continued access.[8] By September 3, 2025, these workarounds ceased functioning, with community members confirming that BMW had implemented additional detection methods.[9]

According to industry analysis by Beebop AI, the restrictions affected over 1.5 million vehicles and disrupted utilities using reverse-engineered BMW APIs for demand response & grid stability programs.[10] The timing occurred days before the EU Data Act's implementation on September 12, 2025, which requires manufacturers to provide users with access to their vehicle data.[11]

BMW's response

According to the notifications sent through the BMW mobile application, the company cited "security" & "safety" as justifications for the API restrictions.[12] The notifications directed users to a FAQ page listing approved electricity providers that would maintain access to vehicle charging control.[13]

BMW has not issued an official press release or public statement regarding the API restrictions beyond the in-app notifications. According to user reports on GitHub, attempts to contact BMW customer service resulted in "boilerplate responses citing security as a reason for these very targeted actions."[14] The company has maintained partnerships with approved charging networks including Electrify America, Shell Recharge, & EVgo.[15]

Consumer response

The Home Assistant community posted & documented many integration failures through multiple GitHub issues, with issue #149750 receiving over 250 comments from users getting screwed by this.[16] Users report complete loss of automated EV charging management & broken solar panel integration logic.[17]

According to forum discussions, affected users attempted multiple technical solutions between August 30 and September 3, 2025, including polling rate reduction, QR code re-authentication, & regional API switching.[18] Community members suggested some technical solutions like quota-aware polling with exponential backoff & improved error differentiation between quota & authentication failures.[19]

It has been reported that some users began exploring alternative platforms, with discussions on the openHAB community forums about migrating from Home Assistant due to the BMW restrictions.[20] According to Beebop AI's analysis, utilities faced financial penalties for failing to meet flexibility commitments when losing EV load-shaping capabilities.[21]

References

  1. "What You're Really Paying For With BMW ConnectedDrive". Bimmer Mag. 2025-06-27. Retrieved 2025-01-01.
  2. "BMW ConnectedDrive App Subscription Products, Store and Services". BMW USA. 2025-01-01. Retrieved 2025-01-01.
  3. "Smarter Charging with Home Assistant". BMW i4 Forum. 2024-05-20. Retrieved 2025-01-01.
  4. "Upcoming API changes notification from BMW · Issue #149750". GitHub. 2025-07-31. Retrieved 2025-01-01.
  5. "Upcoming API changes notification from BMW · Issue #149750". GitHub. 2025-07-31. Retrieved 2025-01-01.
  6. "BMW integration should handle call quota error · Issue #151500". GitHub. 2025-08-25. Retrieved 2025-01-01.
  7. "BMW Connected Drive Quota · Issue #151502". GitHub. 2025-08-25. Retrieved 2025-01-01.
  8. "anyone using Home Assistant for their i4 with BMW connected drive?". BMW i4 Forum. 2025-09-02. Retrieved 2025-01-01.
  9. "Upcoming API changes notification from BMW · Issue #149750". GitHub. 2025-09-03. Retrieved 2025-01-01.
  10. "BMW API Changes Could Disrupt Utilities Using Unapproved EV Connections". Beebop AI. 2025-09-01. Retrieved 2025-01-01.
  11. "Regulation (EU) 2023/2854". EUR-Lex. 2023-12-13. Retrieved 2025-01-01.
  12. "Upcoming API changes notification from BMW · Issue #149750". GitHub. 2025-07-31. Retrieved 2025-01-01.
  13. "BMW to disable remote charging control API". BMW i4 Forum. 2025-08-01. Retrieved 2025-01-01.
  14. "Upcoming API changes notification from BMW · Issue #149750". GitHub. 2025-08-31. Retrieved 2025-01-01.
  15. "BMW Electric Vehicle Charging". BMW USA. 2025-01-01. Retrieved 2025-01-01.
  16. "Upcoming API changes notification from BMW · Issue #149750". GitHub. 2025-09-04. Retrieved 2025-01-01.
  17. "BMW integration: No support from September for thirtparty providers like HA". Home Assistant Community. 2025-09-01. Retrieved 2025-01-01.
  18. "anyone using Home Assistant for their i4 with BMW connected drive?". BMW i4 Forum. 2025-09-02. Retrieved 2025-01-01.
  19. "BMW integration should handle call quota error · Issue #151500". GitHub. 2025-08-25. Retrieved 2025-01-01.
  20. "MyBMW - Bindings". openHAB. 2025-09-03. Retrieved 2025-01-01.
  21. "BMW API Changes Could Disrupt Utilities Using Unapproved EV Connections". Beebop AI. 2025-09-01. Retrieved 2025-01-01.
Retrieved from "https://consumerrights.wiki/index.php?title=BMW_API_restrictions&oldid=23728"