How to integrate Whoop API data into your health app

Key Takeaways

• Integrating the Whoop API directly requires building OAuth 2.0 flows, managing token refresh, polling for new data, and normalizing response shapes.
• Open Wearables handles all of that infrastructure so you make a single sync call and read normalized data from one consistent schema.
• Whoop requires an active paid membership to grant API access. Free accounts are not supported.
• The sync endpoint accepts a data_type parameter (workouts, 247, or all) and defaults to the last 30 days when no date range is specified.
• Whoop provides solid workout, sleep, recovery, and HRV data. It does not provide continuous 24/7 timeseries or step counts.
• The entire stack is MIT-licensed, self-hosted, and costs $0 per user.
• You can be reading normalized Whoop data in a local environment within minutes of running docker compose up -d.

What You Have to Build When You Call the Whoop API Directly

If you go straight to the Whoop API, the first thing you encounter is OAuth 2.0. That means building an authorization redirect, handling the callback, exchanging the code for tokens, storing those tokens, and implementing a refresh flow before the access token expires. None of that delivers any health data. It just gets you to the point where you can start asking for data.

Then comes polling. Whoop does not push data to you. You set up a scheduled job that calls their endpoints at intervals, tracks sync state per user, handles rate limits, and deals with partial failures when a polling job times out.

Then normalization. Whoop returns data in its own schema. If you ever add a second wearable provider, every field name, every unit, and every data structure differs. You now maintain a mapping layer that grows with every new device you support.

What Open Wearables Does for the Whoop API Integration

Open Wearables wraps the Whoop API so that the infrastructure described above is already built.

OAuth lifecycle. OW exposes a single authorize endpoint. You redirect your user there, and OW handles the full OAuth 2.0 flow including token storage and refresh.

Polling and sync state. When you trigger a sync, OW handles the requests to Whoop's REST endpoints, manages pagination, and tracks what has already been fetched per user.

Normalization. OW writes all Whoop data into a canonical schema: heart rate in bpm, distances in meters, timestamps in UTC.

Whoop Data Coverage: What You Get and What You Do Not

Available: Workouts (145+ activity types), sleep with full stage data, recovery metrics, HRV.

Not available: Continuous 24/7 heart rate timeseries, step counts, 24/7 timeseries data.

If your core feature requires continuous biometric streams or step-based activity tracking, Whoop is not the right primary source. If your use case is workout analysis, sleep quality, or recovery-based recommendations, Whoop data is well-suited.

Setup and OAuth

Prerequisites: An active Whoop membership, a registered developer application at developer.whoop.com, Open Wearables running.

When configuring OAuth redirect URIs, add:

            http://localhost:8000/api/v1/oauth/whoop/callback
          

To connect a user's Whoop account:

            GET /api/v1/oauth/whoop/authorize?user_id={id}&redirect_uri={url}
          

OW handles the full OAuth exchange. Once the user completes the flow, their tokens are stored and you can begin syncing.

Syncing Whoop Data

            POST /api/v1/providers/whoop/users/{user_id}/sync
          

The data_type parameter controls what gets fetched: workouts, 247, or all. When no date range is specified, OW defaults to syncing the last 30 days of Whoop data.

Reading Normalized Data

            GET /api/v1/users/{user_id}/events/workouts
GET /api/v1/users/{user_id}/events/sleep
GET /api/v1/users/{user_id}/timeseries
          

All responses use canonical units and a consistent schema regardless of provider.

Quickstart

            git clone https://github.com/the-momentum/open-wearables.git
cd open-wearables
docker compose up -d
          

API at http://localhost:8000. Auth via X-Open-Wearables-API-Key header. MIT-licensed, $0 per user.

See Related Articles

• Building a health app with Whoop API data
• How to sync wearable data from multiple devices
• How to normalize wearable data across providers
• How to integrate Polar data into your health app
• Wearable API integration: comparing SaaS, custom build, and open source

FAQ

Does the Whoop API require a paid membership?

Yes. Whoop requires an active paid membership to grant API access. Free accounts cannot be used.

What Whoop data types can I access through Open Wearables?

Workout records (145+ activity types), sleep data, recovery metrics, and HRV. Continuous 24/7 heart rate timeseries and step counts are not available from the Whoop API.

How far back does a default Whoop sync go?

When no date range is specified, OW defaults to syncing the last 30 days of Whoop data.

How does OW handle Whoop token refresh?

OW manages the full OAuth 2.0 token lifecycle including refresh. Once a user has authorized access, you do not need to interact with Whoop's authorization servers again under normal circumstances.

Is there a cost per user for running Open Wearables?

No. OW is MIT-licensed and self-hosted. There is no per-user pricing.