OpenFIT API Authentication
OpenFIT uses OAuth 2.0 Authentication to authenticate external calls to the OpenFIT API.
Getting Started with Authentication
While getting started, you can use our OpenAPI Portal (Swagger) to generate Access Tokens using your username and password.
Once you're logged in, you will see a confirmation screen like this:
Programmatic Authentication
Token Request
To authenticate programmatically, make a POST request to the token endpoint:
// Production Environment
ID_SERVER_URL: https://ids.openfit.care
API_URL: https://api.openfit.care
// Test Environment
ID_SERVER_URL: https://of-identity-internal.azurewebsites.net
API_URL: https://of-api-internal.azurewebsites.net/
Example Request (C#):
var options = new RestClientOptions("https://ids.openfit.care");
var client = new RestClient(options);
var request = new RestRequest("/connect/token", Method.Post);
request.AddHeader("Content-Type", "application/x-www-form-urlencoded");
request.AddParameter("grant_type", "password");
request.AddParameter("scope", "OpenFitApi offline_access");
request.AddParameter("client_id", "{provided_by_support}"); // Contact support@openfit.care
request.AddParameter("username", "your_username");
request.AddParameter("password", "your_password");
RestResponse response = await client.ExecuteAsync(request);
Example Request (cURL):
curl --location 'https://ids.openfit.care/connect/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=password' \
--data-urlencode 'username=your_username' \
--data-urlencode 'scope=OpenFitApi offline_access' \
--data-urlencode 'client_id={provided_by_support}' \
--data-urlencode 'password=your_password'
# Note: Replace {provided_by_support} with the client_id value provided by support@openfit.care
Token Response
The response will include:
access_token- Use this as a Bearer token in API requestsrefresh_token- Use this to get a new access_token when it expiresexpires_in- Token expiration time in seconds
Token Refresh
Use the refresh token to obtain a new access_token before the current one expires. Track the expires_in value from your token response and refresh proactively:
var options = new RestClientOptions("https://ids.openfit.care");
var client = new RestClient(options);
var request = new RestRequest("/connect/token", Method.Post);
request.AddHeader("Content-Type", "application/x-www-form-urlencoded");
request.AddParameter("grant_type", "refresh_token");
request.AddParameter("refresh_token", "your_refresh_token_from_previous_response");
RestResponse response = await client.ExecuteAsync(request);
Best Practice: Refresh your token when it has about 5 minutes of life remaining, rather than waiting for authentication failures. The new token response will include a fresh access_token and refresh_token.
Using Alternative Clients
You can also use API clients like Postman to generate tokens and make API calls. Use the same configuration values shown above.
Common Questions
Why does my authentication fail?
Common issues include:
- Using the wrong client_id (make sure you're using the exact value provided by support)
- Incorrect username or password
- Using the wrong endpoint URL (ensure you're using the correct environment URLs)
- Missing required parameters in the request
What's the difference between test and production environments?
The test environment is for development and testing. Production is for live data. Use the same client_id and authentication process for both environments, just change the base URLs.
Need Help?
If you have any queries or issues, please:
- Email support@openfit.care
- Log a ticket via https://support.openfit.care/
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article