> ## Documentation Index
> Fetch the complete documentation index at: https://docs.withleaf.io/llms.txt
> Use this file to discover all available pages before exploring further.
# CNHi (AFS Connect)
> Connect to CNHi (Case IH, New Holland) to pull field boundaries, machine files, and field operations through Leaf's provider credentials API.
This page covers the **legacy CNHI (AFS Connect)** provider. For CNH Industrial's newer FieldOps API, see [CNHI FieldOps](/providers/cnhi-fieldops).
CNH Industrial (Case IH, New Holland, Steyr) exposes two API platforms. Leaf supports both as separate providers: **CNHI (AFS Connect)** (this page) and **[CNHI FieldOps](/providers/cnhi-fieldops)**. If you're starting a new integration, use CNHI FieldOps.
Leaf connects to CNHI AFS Connect using OAuth 2.0. Once connected, Leaf syncs growers, farms, fields, machine files, and field operations.
## Prerequisites
1. A CNHi developer account. [Register here](https://www.developer.cnhindustrial.com/).
2. Your application's `clientId`, `clientSecret`, and `subscriptionKey` from CNHi.
3. A grower's `refreshToken` obtained through the CNHi OAuth 2.0 consent flow.
## Setup steps
1. Complete the CNHi OAuth 2.0 flow to obtain a `refreshToken` for the grower's account.
2. POST the credentials to Leaf:
```bash cURL theme={null}
curl -X POST \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{
"clientId": "your-client-id",
"clientSecret": "your-client-secret",
"subscriptionKey": "your-subscription-key",
"refreshToken": "grower-refresh-token",
"clientEnvironment": "PRODUCTION"
}' \
'https://api.withleaf.io/services/usermanagement/api/users/{leafUserId}/cnhi-credentials'
```
```python Python theme={null}
import requests
TOKEN = 'YOUR_TOKEN'
endpoint = 'https://api.withleaf.io/services/usermanagement/api/users/{leafUserId}/cnhi-credentials'
headers = {'Authorization': f'Bearer {TOKEN}'}
data = {
"clientId": "your-client-id",
"clientSecret": "your-client-secret",
"subscriptionKey": "your-subscription-key",
"refreshToken": "grower-refresh-token",
"clientEnvironment": "PRODUCTION"
}
response = requests.post(endpoint, headers=headers, json=data)
print(response.json())
```
```javascript JavaScript theme={null}
const axios = require('axios')
const TOKEN = 'YOUR_TOKEN'
const endpoint = 'https://api.withleaf.io/services/usermanagement/api/users/{leafUserId}/cnhi-credentials'
const headers = { 'Authorization': `Bearer ${TOKEN}` }
const data = {
"clientId": "your-client-id",
"clientSecret": "your-client-secret",
"subscriptionKey": "your-subscription-key",
"refreshToken": "grower-refresh-token",
"clientEnvironment": "PRODUCTION"
}
axios.post(endpoint, data, { headers })
.then(res => console.log(res.data))
.catch(console.error)
```
3. Leaf validates the token and begins syncing. Check credential status with `GET /users/{leafUserId}/cnhi-credentials`.
## Credentials schema
**Create request body:**
| Field | Type | Required | Description |
| ------------------- | ------ | -------- | -------------------------------------- |
| `clientId` | string | Yes | Your application's client ID from CNHi |
| `clientSecret` | string | Yes | Your application's client secret |
| `subscriptionKey` | string | Yes | Your CNHi subscription key |
| `refreshToken` | string | Yes | The grower's OAuth refresh token |
| `clientEnvironment` | string | Yes | `STAGE` or `PRODUCTION` |
**Response:**
```json theme={null}
{
"id": "uuid",
"status": "str",
"createdTime": "yyyy-MM-dd'T'HH:mm:ss.SSSSSS'Z'",
"clientId": "str",
"clientSecret": "str",
"refreshToken": "str",
"clientEnvironment": "PRODUCTION",
"subscriptionKey": "str"
}
```
## Endpoints
Base URL: `https://api.withleaf.io/services/usermanagement/api`
| Action | Method | Path |
| --------------------- | ------ | --------------------------------------------- |
| Get credentials | GET | `/users/{leafUserId}/cnhi-credentials` |
| Create credentials | POST | `/users/{leafUserId}/cnhi-credentials` |
| Delete credentials | DELETE | `/users/{leafUserId}/cnhi-credentials` |
| Get credential events | GET | `/users/{leafUserId}/cnhi-credentials/events` |
## Troubleshooting
Use the events endpoint to inspect credential health:
```bash cURL theme={null}
curl -X GET \
-H 'Authorization: Bearer YOUR_TOKEN' \
'https://api.withleaf.io/services/usermanagement/api/users/{leafUserId}/cnhi-credentials/events'
```
```python Python theme={null}
import requests
TOKEN = 'YOUR_TOKEN'
endpoint = 'https://api.withleaf.io/services/usermanagement/api/users/{leafUserId}/cnhi-credentials/events'
headers = {'Authorization': f'Bearer {TOKEN}'}
response = requests.get(endpoint, headers=headers)
print(response.json())
```
```javascript JavaScript theme={null}
const axios = require('axios')
const TOKEN = 'YOUR_TOKEN'
const endpoint = 'https://api.withleaf.io/services/usermanagement/api/users/{leafUserId}/cnhi-credentials/events'
const headers = { 'Authorization': `Bearer ${TOKEN}` }
axios.get(endpoint, { headers })
.then(res => console.log(res.data))
.catch(console.error)
```
Event logs are retained for 30 days. Once the credential is deleted or disassociated from the Leaf user, the logs are no longer available.
Common issues:
* **Status changes to invalid**: The grower may have revoked access or the refresh token expired. Have the grower re-authorize.
* **STAGE vs. PRODUCTION mismatch**: Make sure `clientEnvironment` matches the environment your CNHi app is registered in.
* **Missing subscription key**: CNHi requires a `subscriptionKey` in addition to OAuth credentials. Verify you're passing it in the request body.
## What to do next
* [Connect CNHi Tutorial](/guides/tutorials/connect-cnhi) — Step-by-step walkthrough.
* [Provider Authentication Overview](/providers/overview) — How provider credentials work across all providers.
* [API Reference: Providers](/api-reference/providers) — Full endpoint reference for provider credentials.