Menu

Architecture

About this API Domains Versioning Example URLs

General

Identifiers Supported Data Formats Data Types
Requests
Access Token and Related Information Localization GET Request Query Parameter Collection Requests
Responses
Content Type Response Codes Response Body Error Responses Standard Responses

Authentication and Authorization

Partner Authentication User Authorization
Authorization Code Grant (GET /oauth2/auth)
Request query parameters Example 1: Requesting the diary scope Example 2: Requesting all available scopes Response Authorization Errors
Access Token Request (POST /oauth2/token)
Request body form parameters Response Access Token Errors
Refreshing Access Tokens (POST /oauth2/token)
Request body form parameters Response Refresh Token Errors Making Requests
Revoking Tokens (POST /oauth2/revoke)
Request body form parameters Response

Users

Resources GET /users/:userId
Example Response with no fields parameter Example Response with fields elements
Resources PATCH /users/:userId
Request Example

Measurements

Resources
GET /measurements/ POST /measurements/

Diary

Resources
GET /diary/ POST /diary/ PATCH /diary/ DELETE /diary/

Exercises

Resources
GET /exercises/

Subscriptions

Management
POST /subscription/ GET /subscription/ DELETE /subscription/
Notifications
Example Request Body Best Design Practices

Appendix

Data Structures
User Measured Value User Profile Account Privacy Preferences Goal Preferences Location Preferences Diary Preferences Nutritional Contents Exercise Measurement Diary Subscription
Error Codes
Error Codes
Migrating from MyFitnessPal API v1 to v2
v1 action: log_cardio_exercise v1 action: remove_cardio_exercise v1 action: log_weight v1 action: log_expended_energy v1 action: get_food_summary v1 action: get_cardio_exercises v1 action: get_weight v1 action: fetch_user_info v1 action: subscribe_to_user_updates v1 action: unsubscribe_from_user_updates
Tracking all­day steps activity
Tracking all-day steps activity Recommended approach for tracking steps Determining daily totals Calorie Adjustments
MyFitnessPal exercises and their identifiers
MyFitnessPal exercises and their identifiers
Full request and response examples
POST and GET request and response

Revoking Tokens

Partners may revoke access and refresh tokens at any time. This process follows the standard described in ​RFC-7009​. Revoked tokens may continue to be accepted for a brief period, as the revocation propagates to all server­side caches and data stores.

POST ​/oauth2/revoke

If the included token is a refresh token, the associated access token will automatically be revoked. If it is an access token, any associated refresh tokens will also be revoked.

This request must be accompanied by an Authorization header, which is assembled using HTTP Basic Authentication. The ​username​ field must be the partner’s client identifier, and the password​ field must be the partner’s client secret. An example of this header:

Authorization: Basic Tmluy1aGVcnk6NmxMmQwOW4MTA2NzE4ZDg2nU=

The contents of this request are submitted as standard form parameters. The Content-Type header must be:

Content-Type: x-www-form-urlencoded

Request body form parameters

Name Description Required
token The access or refresh token being revoked Y
token_type_hint The type of token being revoked. Must be either ​access_token​ or refresh_token