TrainerDay public API To use the API, you will need the application credentials provided to you by TrainerDay.
All API requests require a valid OAuth token that identifies the application and the user account under which the application is accessing data.
All calls to the oAuth2 API TrainerDay require an "access token" that identifies the user and application making the call.
To get an access token, you need to register an application. A registered application will be assigned a client ID and client secret.
You must never reveal your secret using it for authorization.
To get application credentials, fill out the form HERE
Each application is assigned a client_id and client_secret and scopes. Your application can then request authorization for a user. Once a user has granted authorization, you will receive access token and a refresh token for each user. The access token is used by your application to make requests until it expires and the refresh token is used to get an un updated access token.
TrainerDay provides an OAuth 2.0 Third-party applications can use it to request permission from TrainerDay users to access their data securely.
/oauth/authorizecode in redirectaccess_tokenaccess_token to call TrainerDay APIrefresh_token to renew accesshttps://api.trainerday.com/oauth/authorizehttps://api.trainerday.com/oauth/tokenhttps://api.trainerday.com/oauth/token/revokehttps://api.trainerday.com/oauth/token/introspectionathlete:read — view user profile (required)athlete:write — edit user profileworkout:read — view workoutsworkout:write — create or edit workoutscalendar:read — view training calendarcalendar:write — modify training calendaractivities:read — view completed activitiesactivities:write — upload new activitiesBefore using the API, register your application with TrainerDay. You will receive:
Redirect the user to the authorization endpoint:
GET https://api.trainerday.com/oauth/authorize? client_id=YOUR_CLIENT_ID& response_type=code& redirect_uri=https://yourapp.com/oauth/callback& scope=athlete:read%20workout:read& state=random_string
After approval, the user will be redirected to your redirect_uri with:
https://yourapp.com/oauth/callback?code=AUTH_CODE&state=random_string
POST https://api.trainerday.com/oauth/token Content-Type: application/x-www-form-urlencoded grant_type=authorization_code& code=AUTH_CODE& redirect_uri=https://yourapp.com/oauth/callback& client_id=YOUR_CLIENT_ID& client_secret=YOUR_CLIENT_SECRET
Response:
{
"access_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9...",
"refresh_token": "def50200abc123...",
"expires_in": 7200,
"token_type": "Bearer",
"scope": "athlete:read workout:read"
}
Include the access token in your API requests:
GET https://api.trainerday.com/api/v1/athlete Authorization: Bearer ACCESS_TOKEN
When the access token expires, you can use the refresh token to get a new one:
POST https://api.trainerday.com/oauth/token Content-Type: application/x-www-form-urlencoded grant_type=refresh_token& refresh_token=YOUR_REFRESH_TOKEN& client_id=YOUR_CLIENT_ID& client_secret=YOUR_CLIENT_SECRET
Response:
{
"access_token": "NEW_ACCESS_TOKEN",
"expires_in": 7200,
"token_type": "Bearer",
"scope": "athlete:read workout:read"
}
Server-side validation of a token:
POST https://api.trainerday.com/oauth/token/introspection Authorization: Basic base64(client_id:client_secret) Content-Type: application/x-www-form-urlencoded token=ACCESS_TOKEN
Response:
{
"active": true,
"client_id": "your-client-id",
"username": "12345",
"scope": "athlete:read workout:read",
"exp": 1719400000
}
To revoke a token (access or refresh):
POST https://api.trainerday.com/oauth/token/revoke Authorization: Basic base64(client_id:client_secret) Content-Type: application/x-www-form-urlencoded token=ACCESS_OR_REFRESH_TOKEN
Contact:
hello@trainerday.com
Our forums are frequently the fastest place and most interesting way to get support.