### Example WHOOP Webhook Payload JSON Source: https://developer.whoop.com/docs/introduction/developing/webhooks An example JSON structure of a webhook payload received from WHOOP, illustrating a 'workout.updated' event with typical user and object identifiers. ```JSON { "user_id": 10129, "id": 10235, "type": "workout.updated", "trace_id": "d3709ee7-104e-4f70-a928-2932964b017b" } ``` -------------------------------- ### Install Passport.js and OAuth2 Dependencies for WHOOP Authentication Source: https://developer.whoop.com/docs/introduction/tutorials/access-token-passport Install the necessary Passport.js packages for OAuth 2.0 authentication with WHOOP using npm. This includes `passport` and `passport-oauth2`. For TypeScript projects, also install the corresponding type definitions. ```bash npm install passport passport-oauth2 ``` ```bash npm install @types/passport @types/passport-oauth2 ``` -------------------------------- ### Example JSON for WHOOP Workout Activity Source: https://developer.whoop.com/docs/introduction/developing/user-data/workout Illustrative JSON payload demonstrating the structure and typical values for a WHOOP Workout activity, including nested score and heart rate zone data. ```JSON { "id": 1043, "user_id": 9012, "created_at": "2022-04-24T11:25:44.774Z", "updated_at": "2022-04-24T14:25:44.774Z", "start": "2022-04-24T02:25:44.774Z", "end": "2022-04-24T10:25:44.774Z", "timezone_offset": "-05:00", "sport_id": 1, "score_state": "SCORED", "score": { "strain": 8.2463, "average_heart_rate": 123, "max_heart_rate": 146, "kilojoule": 1569.34033203125, "percent_recorded": 100, "distance_meter": 1772.77035916, "altitude_gain_meter": 46.64384460449, "altitude_change_meter": -0.781372010707855, "zone_duration": { "zone_zero_milli": 13458, "zone_one_milli": 389370, "zone_two_milli": 388367, "zone_three_milli": 71137, "zone_four_milli": 0, "zone_five_milli": 0 } } } ``` -------------------------------- ### Subsequent Request Using next_token Source: https://developer.whoop.com/docs/introduction/developing/pagination Demonstrates how to make a follow-up GET request to retrieve the next page of data. The 'next_token' obtained from the previous response is included as a query parameter to continue pagination. ```HTTP GET https://api.prod.whoop.com/developer/v1/activity/sleep?nextToken=eyIkIjoib0AxIiwibyI6MTB9&start=2022-01-01T00:00:00.000Z&end=2022-04-01T00:00:00.000Z ``` -------------------------------- ### Example WHOOP Recovery Object JSON Source: https://developer.whoop.com/docs/introduction/developing/user-data/recovery An example JSON representation of a WHOOP Recovery object, illustrating typical values for its fields, including the nested 'score' object with physiological measurements. ```json { "cycle_id": 93845, "sleep_id": 10235, "user_id": 10129, "created_at": "2022-04-24T11:25:44.774Z", "updated_at": "2022-04-24T14:25:44.774Z", "score_state": "SCORED", "score": { "user_calibrating": false, "recovery_score": 44, "resting_heart_rate": 64, "hrv_rmssd_milli": 31.813562, "spo2_percentage": 95.6875, "skin_temp_celsius": 33.7 } } ``` -------------------------------- ### Postman Environment Variable Setup for WHOOP API Credentials Source: https://developer.whoop.com/docs/introduction/tutorials/access-token-postman Instructions for setting up `ClientId` and `ClientSecret` as Postman environment variables, which are then referenced in API requests to securely authenticate with the WHOOP Developer Platform. ```APIDOC Variables: - Name: ClientId Description: Unique client ID from WHOOP Developer Dashboard - Name: ClientSecret Description: Secret for the client ID from WHOOP Developer Dashboard ``` -------------------------------- ### Example WHOOP Webhook Request Body (JSON) Source: https://developer.whoop.com/docs/introduction/developing/webhooks This JSON snippet shows an example webhook request body sent by WHOOP for an event like 'sleep.updated'. It includes the user ID, an event-specific ID (e.g., sleep ID), the type of event, and a trace ID for debugging. This body is used by the receiving application to determine subsequent actions, such as making a GET request to retrieve detailed data. ```JSON { "user_id": 456, "id": 1234, "type": "sleep.updated", "trace_id": "e369c784-5100-49e8-8098-75d35c47b31b" } ``` -------------------------------- ### Example WHOOP Cycle JSON Object Source: https://developer.whoop.com/docs/introduction/developing/user-data/cycle Illustrates a sample JSON representation of a WHOOP Physiological Cycle, including its unique identifier, user ID, timestamps, timezone offset, score state, and detailed score metrics. ```JSON { "id": 93845, "user_id": 10129, "created_at": "2022-04-24T11:25:44.774Z", "updated_at": "2022-04-24T14:25:44.774Z", "start": "2022-04-24T02:25:44.774Z", "end": "2022-04-24T10:25:44.774Z", "timezone_offset": "-05:00", "score_state": "SCORED", "score": { "strain": 5.2951527, "kilojoule": 8288.297, "average_heart_rate": 68, "max_heart_rate": 141 } } ``` -------------------------------- ### WHOOP API Refresh Token Response Example Source: https://developer.whoop.com/docs/introduction/tutorials/refresh-token-postman Example JSON payload received after successfully refreshing an access token using the WHOOP API. It includes the new access token, its expiration time, a new refresh token, the granted scopes, and the token type. ```JSON { "access_token": "the-value-of-the-new-access-token", "expires_in": 3600, "refresh_token": "the-value-of-the-new-refresh-token", "scope": "offline other-scopes-requested", "token_type": "bearer" } ``` -------------------------------- ### WHOOP User Basic Profile Data Model and Example Source: https://developer.whoop.com/docs/introduction/developing/user-data/user Defines the structure for a user's basic profile information, including their unique ID, email, first name, and last name. All fields are required for this data model. ```APIDOC user_id: integer (required) description: The WHOOP User ID email: string (required) description: User's Email first_name: string (required) description: User's First Name last_name: string (required) description: User's Last Name ``` ```JSON { "user_id": 10129, "email": "jsmith123@whoop.com", "first_name": "John", "last_name": "Smith" } ``` -------------------------------- ### Initial Request for Paginated Sleep Data Source: https://developer.whoop.com/docs/introduction/developing/pagination Initiates a GET request to retrieve a user's sleep data for a specified date range (January to April 2022). This is the first step in paginating through large datasets. ```HTTP GET https://api.prod.whoop.com/developer/v1/activity/sleep?start=2022-01-01T00:00:00.000Z&end=2022-04-01T00:00:00.000Z ``` -------------------------------- ### Example WHOOP Sleep Activity JSON Response Source: https://developer.whoop.com/docs/introduction/developing/user-data/sleep A sample JSON payload demonstrating the structure and typical values for a WHOOP Sleep Activity object, including details for the nested 'score' object when the 'score_state' is 'SCORED'. ```JSON { "id": 93845, "user_id": 10129, "created_at": "2022-04-24T11:25:44.774Z", "updated_at": "2022-04-24T14:25:44.774Z", "start": "2022-04-24T02:25:44.774Z", "end": "2022-04-24T10:25:44.774Z", "timezone_offset": "-05:00", "nap": false, "score_state": "SCORED", "score": { "stage_summary": { "total_in_bed_time_milli": 30272735, "total_awake_time_milli": 1403507, "total_no_data_time_milli": 0, "total_light_sleep_time_milli": 14905851, "total_slow_wave_sleep_time_milli": 6630370, "total_rem_sleep_time_milli": 5879573, "sleep_cycle_count": 3, "disturbance_count": 12 }, "sleep_needed": { "baseline_milli": 27395716, "need_from_sleep_debt_milli": 352230, "need_from_recent_strain_milli": 208595, "need_from_recent_nap_milli": -12312 }, "respiratory_rate": 16.11328125, "sleep_performance_percentage": 98, "sleep_consistency_percentage": 90, "sleep_efficiency_percentage": 91.69533848 } } ``` -------------------------------- ### WHOOP Get Cycle Collection API Response Schema and Example Source: https://developer.whoop.com/docs/introduction/tutorials/get-current-recovery-score This API documentation outlines the expected JSON response structure for the WHOOP `getCycleCollection` endpoint. It details the `records` array, containing `Cycle` objects with properties like `id`, `user_id`, timestamps, and a nested `score` object. Additionally, it specifies the `next_token` for pagination, providing a comprehensive schema and an illustrative example. ```APIDOC Response Body: records: Array of objects (Cycle) description: The collection of records in this page. properties: id: integer user_id: integer created_at: string (ISO 8601 datetime) updated_at: string (ISO 8601 datetime) start: string (ISO 8601 datetime) end: string (ISO 8601 datetime) timezone_offset: string (e.g., "-05:00") score_state: string (e.g., "SCORED") score: object properties: strain: number kilojoule: number average_heart_rate: integer max_heart_rate: integer next_token: string description: A token that can be used on the next request to access the next page of records. If the token is not present, there are no more records in the collection. Example Response: { "records": [ { "id": 93845, "user_id": 10129, "created_at": "2022-04-24T11:25:44.774Z", "updated_at": "2022-04-24T14:25:44.774Z", "start": "2022-04-24T02:25:44.774Z", "end": "2022-04-24T10:25:44.774Z", "timezone_offset": "-05:00", "score_state": "SCORED", "score": { "strain": 5.2951527, "kilojoule": 8288.297, "average_heart_rate": 68, "max_heart_rate": 141 } } ], "next_token": "MTIzOjEyMzEyMw" } ``` -------------------------------- ### Example WHOOP API Rate Limit Response Headers Source: https://developer.whoop.com/docs/introduction/developing/rate-limiting This snippet illustrates the HTTP response headers provided by the WHOOP API to convey real-time rate limit status. It includes the X-RateLimit-Limit, X-RateLimit-Remaining, and X-RateLimit-Reset headers, which indicate the total allowed requests, the number of requests remaining in the current window, and the time until the limit resets, respectively. ```APIDOC X-RateLimit-Limit = "100, 100;window=60, 10000;window=86400" X-RateLimit-Remaining = "98" X-RateLimit-Reset = "3" ``` -------------------------------- ### WHOOP User Body Measurements Data Model and Example Source: https://developer.whoop.com/docs/introduction/developing/user-data/user Defines the structure for a user's body measurements, such as height in meters, weight in kilograms, and calculated maximum heart rate. All fields are required for this data model. ```APIDOC height_meter: number (required) description: User's height in meters weight_kilogram: number (required) description: User's weight in kilograms max_heart_rate: integer (required) description: The max heart rate WHOOP calculated for the user (Reference: WHOOP Locker: Understanding Max Heart Rate and Why It Matters for Training) ``` ```JSON { "height_meter": 1.8288, "weight_kilogram": 90.7185, "max_heart_rate": 200 } ``` -------------------------------- ### WHOOP Get Cycle Recovery API Response Schema Source: https://developer.whoop.com/docs/introduction/tutorials/get-current-recovery-score This section details the expected JSON response structure for the WHOOP Get Cycle Recovery API endpoint. It outlines the required fields, their data types, and descriptions, including the `score_state` enum and the nested `RecoveryScore` object, along with an example response. ```APIDOC Response Fields: cycle_id: integer (required) - The Recovery represents how recovered the user is for this physiological cycle sleep_id: integer (required) - ID of the Sleep associated with the Recovery user_id: integer (required) - The WHOOP User for the recovery created_at: string (required) - The time the recovery was recorded in WHOOP updated_at: string (required) - The time the recovery was last updated in WHOOP score_state: string (required) - Enum: "SCORED", "PENDING_SCORE", "UNSCORABLE". - SCORED: Recovery was scored and measurement values will be present. - PENDING_SCORE: WHOOP is currently evaluating the cycle. - UNSCORABLE: Activity could not be scored (e.g., not enough user metric data). score: object (RecoveryScore) - WHOOP's measurements and evaluation of the recovery. Only present if the Recovery State is SCORED. user_calibrating: boolean recovery_score: integer resting_heart_rate: integer hrv_rmssd_milli: number spo2_percentage: number skin_temp_celsius: number Example Response: { "cycle_id": 93845, "sleep_id": 10235, "user_id": 10129, "created_at": "2022-04-24T11:25:44.774Z", "updated_at": "2022-04-24T14:25:44.774Z", "score_state": "SCORED", "score": { "user_calibrating": false, "recovery_score": 44, "resting_heart_rate": 64, "hrv_rmssd_milli": 31.813562, "spo2_percentage": 95.6875, "skin_temp_celsius": 33.7 } } ``` -------------------------------- ### Initialize Query Parameters for WHOOP API Request Source: https://developer.whoop.com/docs/introduction/tutorials/get-current-recovery-score This JavaScript snippet initializes an `accessToken` placeholder and constructs a `URLSearchParams` object. The `limit: "1"` parameter is set to ensure that API requests for cycle data retrieve only the most recent record, which is crucial for identifying the current cycle. ```javascript const accessToken = "__ACCESS_TOKEN_FOR_USER__"; query = new URLSearchParams({ limit: "1" }); ``` -------------------------------- ### Fetch Current WHOOP Cycle Data using JavaScript Source: https://developer.whoop.com/docs/introduction/tutorials/get-current-recovery-score This asynchronous JavaScript function `getCurrentCycle` performs a GET request to the WHOOP API's `/developer/v1/cycle` endpoint. It requires an `accessToken` for Bearer token authorization and a `query` object for URL parameters. The function parses the JSON response upon a successful 200 status, otherwise, it throws an error indicating the API status. ```javascript const getCurrentCycle = async (accessToken, query) => { const uri = `https://api.prod.whoop.com/developer/v1/cycle?${query}`; const cycleResponse = await fetch(uri, { headers: { Authorization: `Bearer ${accessToken}` } }); if (cycleResponse.status === 200) { return cycleResponse.json(); } else { throw new Error(`Received ${cycleResponse.status} status from Whoop`); } }; ``` -------------------------------- ### Fetch WHOOP Cycle Recovery Data with JavaScript Source: https://developer.whoop.com/docs/introduction/tutorials/get-current-recovery-score This asynchronous JavaScript function demonstrates how to fetch the recovery score for a specific WHOOP cycle using the WHOOP API. It handles successful responses (200), cases where no recovery exists (404), and other API errors. It requires an `accessToken` for authorization and a `cycleId`. ```JavaScript const getRecoveryForCycle: = async (accessToken, cycleId) => { const uri = `https://api.prod.whoop.com/developer/v1/cycle/${cycleId}/recovery` const recoveryResponse = await fetch(uri, { headers: { Authorization: `Bearer ${accessToken}`, }, }) if (recoveryResponse.status === 200) { return recoveryResponse.json() } else if (recoveryResponse.status === 404) { return null } else { throw new Error(`Received ${recoveryResponse.status} status from Whoop`) } } ``` -------------------------------- ### Fetch WHOOP User Profile Data with Access Token Source: https://developer.whoop.com/docs/introduction/tutorials/access-token-passport This asynchronous function retrieves basic user profile details from the WHOOP API. It takes an `accessToken` and a `done` callback. The function makes a GET request to the `/developer/v1/user/profile/basic` endpoint, passing the access token as a Bearer token in the Authorization header. It then parses the JSON response and invokes the `done` callback with the normalized profile data. ```JavaScript const fetchProfile = async ( accessToken, done, ) => { const profileResponse = await fetch( `${process.env.WHOOP_API_HOSTNAME}/developer/v1/user/profile/basic`, { headers: { Authorization: `Bearer ${accessToken}`, }, }, ) const profile = await profileResponse.json() done(null, profile) } ``` -------------------------------- ### Passport.js Callback for WHOOP OAuth Authentication Success Source: https://developer.whoop.com/docs/introduction/tutorials/access-token-passport This function is executed by Passport.js once the OAuth flow is complete. It receives the access token, refresh token, token expiration details, and the user's profile. The example demonstrates using Prisma to upsert user information (first name, last name, WHOOP user ID, and tokens) into a database. The `done` callback is then invoked with the user object. Parameters include: `accessToken` (for future API requests), `refreshToken` (to obtain new access tokens), `expires_in` (token validity duration), `profile` (normalized user data), and `done` (callback function). ```JavaScript const getUser = async ( accessToken, refreshToken, {expires_in}, profile, done, ) => { const {first_name, last_name, user_id} = profile const createUserParams = { accessToken, expiresAt: Date.now() + expires_in * 1000, firstName: first_name, lastName: last_name, refreshToken, userId: user_id, } const user = await prisma.user.upsert({ where: {userId: user_id}, create: createUserParams, update: createUserParams, }) done(null, user) } ``` -------------------------------- ### API Response with next_token for Pagination Source: https://developer.whoop.com/docs/introduction/developing/pagination Illustrates the structure of the API response for paginated collections. It includes the 'records' array containing the data and a 'next_token' used to fetch the subsequent page. ```JSON { "records": [ { ... } ], "next_token": "eyIkIjoib0AxIiwibyI6MTB9" } ``` -------------------------------- ### Sample POST Request Payload for Refreshing Access Token Source: https://developer.whoop.com/docs/introduction/developing/oauth This JSON payload is used to request a new access token using a refresh token. It requires the 'grant_type' to be 'refresh_token', along with the 'refresh_token', 'client_id', 'client_secret', and 'scope' parameters. ```json { "grant_type": "refresh_token", "refresh_token": "{{RefreshToken}}", "client_id": "{{ClientID}}", "client_secret": "{{ClientSecret}}", "scope": "offline" } ``` -------------------------------- ### Sample POST Response Payload for Access Token Refresh Source: https://developer.whoop.com/docs/introduction/developing/oauth This JSON payload represents the successful response received after refreshing an access token. It contains the new 'access_token', its 'expires_in' duration, a new 'refresh_token', the granted 'scope', and the 'token_type'. ```json { "access_token": "the-value-of-the-new-access-token", "expires_in": 3600, "refresh_token": "the-value-of-the-new-refresh-token", "scope": "offline other-scopes-requested", "token_type": "bearer" } ``` -------------------------------- ### Set up WHOOP Authentication Routes with Passport.js in Express Source: https://developer.whoop.com/docs/introduction/tutorials/access-token-passport This code snippet illustrates how to configure Express.js routes for initiating and handling the WHOOP OAuth authentication flow using Passport.js. It defines an initial route to trigger the authentication and a callback route to process the response, redirecting users upon success or failure. ```JavaScript app.get('/auth/example', passport.authenticate('withWhoop')); app.get('/auth/example/callback', passport.authenticate('withWhoop', {failureRedirect: '/login'}), function (req, res) { res.redirect('/welcome'); }); ``` -------------------------------- ### WHOOP Webhook Event Types Reference Source: https://developer.whoop.com/docs/introduction/developing/webhooks Lists the various event types that trigger WHOOP webhooks, along with their associated ID types and detailed explanations of when each event occurs. ```APIDOC Webhook Event Types: recovery.updated: ID Type: The id of the cycle for the recovery Explanation: Occurs when a recovery is created or updated. recovery.deleted: ID Type: The id of the cycle for the recovery Explanation: Occurs when a recovery is deleted. Note: a recovery is deleted when its associated sleep is deleted. workout.updated: ID Type: The id of the workout Explanation: Occurs when a workout is created or updated. workout.deleted: ID Type: The id of the workout Explanation: Occurs when a workout is deleted. sleep.updated: ID Type: The id of the sleep Explanation: Occurs when a sleep is created or updated. sleep.deleted: ID Type: The id of the sleep Explanation: Occurs when a sleep is deleted. ``` -------------------------------- ### API Changelog: Strength Trainer Activities via /workout Endpoint Source: https://developer.whoop.com/docs/introduction/api-changelog Announces the availability of Strength Trainer activities through the WHOOP API's /workout endpoint, allowing developers to access this new data type. ```APIDOC /workout ``` -------------------------------- ### Integrate WHOOP OAuth Strategy with Passport.js Source: https://developer.whoop.com/docs/introduction/tutorials/access-token-passport This snippet demonstrates how to configure and use the WHOOP OAuth2 strategy with Passport.js. It initializes a new `OAuth2Strategy` with the WHOOP configuration and the `getUser` callback for handling authentication success. It also assigns the `fetchProfile` function to the strategy's `userProfile` property to enable profile retrieval. Finally, it registers the strategy with Passport.js under the name 'withWhoop'. ```JavaScript const whoopAuthorizationStrategy = new OAuth2Strategy(whoopOAuthConfig, getUser) whoopAuthorizationStrategy.userProfile = fetchProfile passport.use('withWhoop', whoopAuthorizationStrategy) ``` -------------------------------- ### Making the WHOOP Access Token Refresh API Call (JavaScript) Source: https://developer.whoop.com/docs/introduction/tutorials/refresh-token-javascript This asynchronous JavaScript function, `getFreshTokens`, demonstrates how to use the Fetch API to send a POST request to the WHOOP OAuth token endpoint. It properly sets the `Content-Type` header and includes the URL-encoded parameters to retrieve new access and refresh tokens. ```JavaScript const getFreshTokens = async (refreshParams) => { const body = new URLSearchParams(refreshParams) const headers = { 'Content-Type': 'application/x-www-form-urlencoded', } const refreshTokenResponse = await fetch( `https://api.prod.whoop.com/oauth/oauth2/token`, { body, headers, method: 'POST', }, ) return refreshTokenResponse.json() } ``` -------------------------------- ### Configure Postman OAuth 2.0 for WHOOP API Authentication Flow Source: https://developer.whoop.com/docs/introduction/tutorials/access-token-postman Detailed configuration for Postman's OAuth 2.0 authorization, specifying endpoints, client credentials, scopes, and state parameters required to obtain access tokens from the WHOOP API. ```APIDOC Type: OAuth 2.0 Add auth data to: Request Headers Access Token: Available tokens Header Prefix: Bearer Grant Type: Authorization Code Callback URL: check "Authorize using browser" Auth URL: https://api.prod.whoop.com/oauth/oauth2/auth Access Token URL: https://api.prod.whoop.com/oauth/oauth2/token Client Id: {{ClientId}} Client Secret: {{ClientSecret}} Scope: State: Client Authentication: Send client credentials in body ``` -------------------------------- ### Configure WHOOP OAuth2 Strategy in Javascript with Passport.js Source: https://developer.whoop.com/docs/introduction/tutorials/access-token-passport Define the configuration object for the Passport.js OAuth 2.0 strategy. This object specifies the authorization and token URLs, client credentials, callback URL, state management, and required scopes for accessing WHOOP user data. ```javascript const whoopOAuthConfig = { authorizationURL: `${process.env.WHOOP_API_HOSTNAME}/oauth/oauth2/auth`, tokenURL: `${process.env.WHOOP_API_HOSTNAME}/oauth/oauth2/token`, clientID: process.env.CLIENT_ID, clientSecret: process.env.CLIENT_SECRET, callbackURL: process.env.CALLBACK_URL, state: true, scope: [ 'offline', 'read:profile' ] } ``` -------------------------------- ### Constructing WHOOP Refresh Token Request Parameters (JavaScript) Source: https://developer.whoop.com/docs/introduction/tutorials/refresh-token-javascript This JavaScript snippet defines the `refreshParams` object, which contains all the necessary parameters for requesting new access and refresh tokens from the WHOOP OAuth 2.0 endpoint. It includes the grant type, client credentials, scope, and the existing refresh token. ```JavaScript const refreshParams = { grant_type: 'refresh_token', client_id: process.env.CLIENT_ID, client_secret: process.env.CLIENT_SECRET, scope: 'offline', refresh_token: refresh_token, } ``` -------------------------------- ### WHOOP OAuth 2.0 Authorization Endpoint Source: https://developer.whoop.com/docs/introduction/developing/oauth This WHOOP URL prompts a user to authorize your app to access their data. After the user grants authorization, WHOOP will respond with an authorization code. ```APIDOC https://api.prod.whoop.com/oauth/oauth2/auth ``` -------------------------------- ### WHOOP Workout Data Model Schema Source: https://developer.whoop.com/docs/introduction/developing/user-data/workout Defines the structure and properties of the Workout activity object in the WHOOP API, including required fields, data types, and descriptions for each attribute, along with nested objects like WorkoutScore and ZoneDuration. ```APIDOC Workout: id: integer (required) - Unique identifier for the workout activity user_id: integer (required) - The WHOOP User who performed the workout created_at: string (required) - The time the workout activity was recorded in WHOOP updated_at: string (required) - The time the workout activity was last updated in WHOOP start: string (required) - Start time bound of the workout end: string (required) - End time bound of the workout timezone_offset: string (required) - The user's timezone offset at the time the workout was recorded. Follows format for Time Zone Designator (TZD) - '+hh:mm', '-hh:mm', or 'Z'. sport_id: integer (required) - ID of the WHOOP Sport performed during the workout score_state: string (required) - Enum: "SCORED", "PENDING_SCORE", "UNSCORABLE". SCORED means the workout activity was scored and the measurement values will be present. PENDING_SCORE means WHOOP is currently evaluating the workout activity. UNSCORABLE means this activity could not be scored for some reason - commonly because there is not enough user metric data for the time range. score: object (WorkoutScore) - WHOOP's measurements and evaluation of the workout activity. Only present if the Workout State is `SCORED`. WorkoutScore: strain: number average_heart_rate: integer max_heart_rate: integer kilojoule: number percent_recorded: integer distance_meter: number altitude_gain_meter: number altitude_change_meter: number zone_duration: object (ZoneDuration) ZoneDuration: zone_zero_milli: integer zone_one_milli: integer zone_two_milli: integer zone_three_milli: integer zone_four_milli: integer zone_five_milli: integer ``` -------------------------------- ### WHOOP OAuth 2.0 Token Exchange Endpoint Source: https://developer.whoop.com/docs/introduction/developing/oauth This WHOOP URL provides your app with the authorization code from the authorization URL after the WHOOP user authorizes your app to access their WHOOP data. This endpoint provides an access token in exchange for the authorization code. ```APIDOC https://api.prod.whoop.com/oauth/oauth2/token ``` -------------------------------- ### WHOOP Recovery Data Model Definition Source: https://developer.whoop.com/docs/introduction/developing/user-data/recovery Defines the structure and fields of the WHOOP Recovery object, including required fields, data types, and descriptions of each attribute. It details how the recovery score is calculated and the various states it can be in. ```APIDOC Recovery Object Properties: cycle_id: type: integer required: true description: The Recovery represents how recovered the user is for this physiological cycle sleep_id: type: integer required: true description: ID of the Sleep associated with the Recovery user_id: type: integer required: true description: The WHOOP User for the recovery created_at: type: string required: true description: The time the recovery was recorded in WHOOP updated_at: type: string required: true description: The time the recovery was last updated in WHOOP score_state: type: string required: true enum: ["SCORED", "PENDING_SCORE", "UNSCORABLE"] description: | `SCORED` means the recovery was scored and the measurement values will be present. `PENDING_SCORE` means WHOOP is currently evaluating the cycle. `UNSCORABLE` means this activity could not be scored for some reason - commonly because there is not enough user metric data for the time range. score: type: object (RecoveryScore) required: false description: WHOOP's measurements and evaluation of the recovery. Only present if the Recovery State is `SCORED`. ``` -------------------------------- ### WHOOP API Refresh Token POST Request Parameters Source: https://developer.whoop.com/docs/introduction/tutorials/refresh-token-postman Details for making a POST request to the WHOOP API refresh token endpoint. Specifies the URL, HTTP method, and x-www-form-urlencoded body parameters required to obtain a new access token. ```APIDOC Endpoint: https://api.prod.whoop.com/oauth/oauth2/token Method: POST Body Type: x-www-form-urlencoded Parameters: - grant_type: refresh_token (Required) - Explicitly tells an OAuth provider you're asking for a refresh token. - refresh_token: string (Required) - The value of the refresh token received along with an access token. - client_id: string (Required) - A unique identifier for your client. - client_secret: string (Required) - A secret value that accompanies your client identifier. - scope: string (Optional) - The 'offline' scope allows you to get a new refresh token and an access token. ``` -------------------------------- ### WHOOP OAuth Token Refresh API Response Schema (APIDOC) Source: https://developer.whoop.com/docs/introduction/tutorials/refresh-token-javascript This API documentation snippet, presented as a TypeScript interface, outlines the expected structure of the JSON response received from the WHOOP OAuth 2.0 token refresh endpoint. It details the `access_token`, `refresh_token`, `expires_in` (token validity duration), `scope`, and `token_type` fields. ```APIDOC interface AuthResult { access_token: string refresh_token: string expires_in: number scope: string token_type: 'bearer' } ``` -------------------------------- ### WHOOP API Refresh Token Endpoint Source: https://developer.whoop.com/docs/introduction/developing/oauth The URL where your application sends a POST request to exchange a refresh token for a new access token and refresh token pair. ```APIDOC https://api.prod.whoop.com/oauth/oauth2/token ``` -------------------------------- ### WHOOP Sleep Activity Data Model Definition Source: https://developer.whoop.com/docs/introduction/developing/user-data/sleep Defines the structure and properties of the WHOOP Sleep Activity data model, including required fields, data types, and descriptions for each attribute. It also details the nested 'score' object and its sub-properties. ```APIDOC id: integer (required) - Unique identifier for the sleep activity user_id: integer (required) - The WHOOP User who performed the sleep activity created_at: string (required) - The time the sleep activity was recorded in WHOOP updated_at: string (required) - The time the sleep activity was last updated in WHOOP start: string (required) - Start time bound of the sleep end: string (required) - End time bound of the sleep timezone_offset: string (required) - The user's timezone offset at the time the sleep was recorded. Follows format for Time Zone Designator (TZD) - '+hh:mm', '-hh:mm', or 'Z'. Learn more about the Time Zone Designator from the W3C Standard (https://www.w3.org/TR/NOTE-datetime) nap: boolean (required) - If true, this sleep activity was a nap for the user score_state: string (required) - Enum: "SCORED", "PENDING_SCORE", "UNSCORABLE". `SCORED` means the sleep activity was scored and the measurement values will be present. `PENDING_SCORE` means WHOOP is currently evaluating the sleep activity. `UNSCORABLE` means this activity could not be scored for some reason - commonly because there is not enough user metric data for the time range. score: object (SleepScore) - WHOOP's measurements and evaluation of the sleep activity. Only present if the Sleep State is `SCORED` stage_summary: object total_in_bed_time_milli: integer total_awake_time_milli: integer total_no_data_time_milli: integer total_light_sleep_time_milli: integer total_slow_wave_sleep_time_milli: integer total_rem_sleep_time_milli: integer sleep_cycle_count: integer disturbance_count: integer sleep_needed: object baseline_milli: integer need_from_sleep_debt_milli: integer need_from_recent_strain_milli: integer need_from_recent_nap_milli: integer respiratory_rate: number sleep_performance_percentage: integer sleep_consistency_percentage: integer sleep_efficiency_percentage: number ``` -------------------------------- ### WHOOP Sport ID to Name Mapping Source: https://developer.whoop.com/docs/introduction/developing/user-data/workout This table lists the official Sport IDs and their associated sport names used across the WHOOP platform. Developers can use these IDs to categorize or query activity data via the WHOOP API. ```APIDOC Sport ID | Sport --- | --- -1 | Activity 0 | Running 1 | Cycling 16 | Baseball 17 | Basketball 18 | Rowing 19 | Fencing 20 | Field Hockey 21 | Football 22 | Golf 24 | Ice Hockey 25 | Lacrosse 27 | Rugby 28 | Sailing 29 | Skiing 30 | Soccer 31 | Softball 32 | Squash 33 | Swimming 34 | Tennis 35 | Track & Field 36 | Volleyball 37 | Water Polo 38 | Wrestling 39 | Boxing 42 | Dance 43 | Pilates 44 | Yoga 45 | Weightlifting 47 | Cross Country Skiing 48 | Functional Fitness 49 | Duathlon 51 | Gymnastics 52 | Hiking/Rucking 53 | Horseback Riding 55 | Kayaking 56 | Martial Arts 57 | Mountain Biking 59 | Powerlifting 60 | Rock Climbing 61 | Paddleboarding 62 | Triathlon 63 | Walking 64 | Surfing 65 | Elliptical 66 | Stairmaster 70 | Meditation 71 | Other 73 | Diving 74 | Operations - Tactical 75 | Operations - Medical 76 | Operations - Flying 77 | Operations - Water 82 | Ultimate 83 | Climber 84 | Jumping Rope 85 | Australian Football 86 | Skateboarding 87 | Coaching 88 | Ice Bath 89 | Commuting 90 | Gaming 91 | Snowboarding 92 | Motocross 93 | Caddying 94 | Obstacle Course Racing 95 | Motor Racing 96 | HIIT 97 | Spin 98 | Jiu Jitsu 99 | Manual Labor 100 | Cricket 101 | Pickleball 102 | Inline Skating 103 | Box Fitness 104 | Spikeball 105 | Wheelchair Pushing 106 | Paddle Tennis 107 | Barre 108 | Stage Performance 109 | High Stress Work 110 | Parkour 111 | Gaelic Football 112 | Hurling/Camogie 113 | Circus Arts 121 | Massage Therapy 123 | Strength Trainer 125 | Watching Sports 126 | Assault Bike 127 | Kickboxing 128 | Stretching 230 | Table Tennis 231 | Badminton 232 | Netball 233 | Sauna 234 | Disc Golf 235 | Yard Work 236 | Air Compression 237 | Percussive Massage 238 | Paintball 239 | Ice Skating 240 | Handball 248 | F45 Training 249 | Padel 250 | Barry's 251 | Dedicated Parenting 252 | Stroller Walking 253 | Stroller Jogging 254 | Toddlerwearing 255 | Babywearing 258 | Barre3 259 | Hot Yoga 261 | Stadium Steps 262 | Polo 263 | Musical Performance 264 | Kite Boarding 266 | Dog Walking 267 | Water Skiing 268 | Wakeboarding 269 | Cooking 270 | Cleaning 272 | Public Speaking ``` -------------------------------- ### Validate WHOOP Webhook Signature (Pseudocode) Source: https://developer.whoop.com/docs/introduction/developing/webhooks This pseudocode demonstrates the process of validating a WHOOP webhook signature. It involves prepending a timestamp to the raw request body, generating an HMAC SHA256 signature using a client secret, base64 encoding the result, and comparing it to the provided X-WHOOP-Signature header. This ensures the webhook originates from WHOOP and has not been tampered with. ```Pseudocode calculated_signature_string = base64Encode(HMACSHA256(timestamp_header + raw_http_request_body, client_secret)) ``` -------------------------------- ### WHOOP Cycle Data Model Fields Source: https://developer.whoop.com/docs/introduction/developing/user-data/cycle Defines the structure and properties of a WHOOP Physiological Cycle object, including required fields, data types, and descriptions for each attribute. ```APIDOC id required: integer - Unique identifier for the physiological cycle user_id required: integer - The WHOOP User for the physiological cycle created_at required: string - The time the cycle was recorded in WHOOP updated_at required: string - The time the cycle was last updated in WHOOP start required: string - Start time bound of the cycle end: string - End time bound of the cycle. If not present, the user is currently in this cycle timezone_offset required: string - The user's timezone offset at the time the cycle was recorded. Follows format for Time Zone Designator (TZD) - '+hh:mm', '-hh:mm', or 'Z'. Learn more about the Time Zone Designator from the W3C Standard score_state required: string - Enum: "SCORED", "PENDING_SCORE", "UNSCORABLE". SCORED means the cycle was scored and the measurement values will be present. PENDING_SCORE means WHOOP is currently evaluating the cycle. UNSCORABLE means this activity could not be scored for some reason - commonly because there is not enough user metric data for the time range. score: object (CycleScore) - WHOOP's measurements and evaluation of the cycle. Only present if the score state is SCORED ``` -------------------------------- ### WHOOP Webhook Request Body Fields Specification Source: https://developer.whoop.com/docs/introduction/developing/webhooks Defines the structure and data types of the fields included in the POST request body of a WHOOP webhook, detailing each parameter's purpose and possible values. ```APIDOC Webhook Request Body Fields: user_id: int64 - The WHOOP User for the event id: int64 - Identifier of the object that triggered this webhook type: string (Enum: "workout.updated", "workout.deleted", "sleep.updated", "sleep.deleted", "recovery.updated", "recovery.deleted") - The type of event that triggered this webhook trace_id: string - Trace ID for the event that triggered this webhook ``` -------------------------------- ### API Changelog: Revoke User OAuth Access Endpoint Source: https://developer.whoop.com/docs/introduction/api-changelog Introduces the revokeUserOauthAccess endpoint, enabling applications to revoke a user's access token to disable integration and stop receiving webhooks, enhancing user privacy control. ```APIDOC revokeUserOauthAccess ``` -------------------------------- ### API Endpoint: Revoke User OAuth Access Source: https://developer.whoop.com/docs/introduction/developing/oauth This API endpoint is used to revoke a user's access token, typically when they disable an integration. Revoking the token ensures privacy and stops webhook notifications for the user. It is accessed via the 'revokeUserOauthAccess' operation under the User tag in the WHOOP API. ```APIDOC Endpoint: revokeUserOAuthAccess Tag: User Purpose: Revokes a user's access token. Usage: Call this endpoint when a user disables your integration to respect their privacy and stop receiving webhooks. Reference: https://developer.whoop.com/api/#tag/User/operation/revokeUserOAuthAccess ``` === COMPLETE CONTENT === This response contains all available snippets from this library. No additional content exists. Do not make further requests.