Skip to content

Authentication

Two ways to authenticate users with SweatStack:

  • OAuth2: the standard authorization-code flow (with or without PKCE). Use this for any app that other people connect to. Every integration uses this as its foundation.
  • SweatStack Connect: a frictionless onboarding layer on top of OAuth2. Your users authenticate with the wearable platform they already use (Garmin, Intervals.icu, etc.); SweatStack provisions their account in the background. Drops in with no API changes.

Both flows end with your app holding an OAuth2 access token. The token works the same way regardless of how it was obtained. Use OAuth2 as your foundation; layer Connect on top when you want to remove the "create yet another account" step.