Strava · OAuth Scopes
Strava OAuth Scopes
OAuth 2.0
derived
Strava publishes 7 OAuth 2.0 scopes via the authorizationCode flow. Scopes are the fine-grained permissions an application requests at authorization time to act against the Strava API on a user’s behalf.
Tokens are issued from https://www.strava.com/oauth/token.
This index is generated from the provider’s OpenAPI security definitions (and, where available, its documented scope reference) and refreshes on every APIs.io network build. Browse every provider’s scopes at scopes.apis.io.
CyclingFitnessFitness TrackingRunningSports
Scopes: 7
Flows: authorizationCode
Method: derived
OAuth endpoints
Authorization URL
https://www.strava.com/oauth/authorize
https://www.strava.com/oauth/authorize
Token URL
https://www.strava.com/oauth/token
https://www.strava.com/oauth/token
Flows
authorizationCode
authorizationCode
Scopes (7)
| Scope | Description | Flows |
|---|---|---|
| activity:read | Read the user's activity data for activities that are visible to Everyone and Followers | authorizationCode |
| activity:read_all | Same access as activity:read with the addition of activities with visibility set to Only You | authorizationCode |
| activity:write | Access to create manual activities and uploads, and access to edit any activities that are visible to the app | authorizationCode |
| profile:read_all | Read all profile information even if the user has set their profile visibility to Followers or Only You | authorizationCode |
| profile:write | Update the user's weight and Functional Threshold Power (FTP), and access to star or unstar segments on their behalf | authorizationCode |
| read | Read public segments, public routes, public profile data, public posts, public events, club feeds, and leaderboards | authorizationCode |
| read_all | Read private routes, private segments, and private events for the user | authorizationCode |