Wahoo Fitness · OAuth Scopes

Wahoo Fitness OAuth Scopes

OAuth 2.0 derived

Wahoo Fitness publishes 12 OAuth 2.0 scopes via the authorizationCode flow. Scopes are the fine-grained permissions an application requests at authorization time to act against the Wahoo Fitness API on a user’s behalf.

Tokens are issued from https://api.wahooligan.com/oauth/token.

This index is generated from the provider’s OpenAPI security definitions (and, where available, its documented scope reference) and refreshes on every APIs.io network build. Browse every provider’s scopes at scopes.apis.io.

FitnessCyclingEndurance TrainingBike ComputersSmart TrainersIndoor CyclingHeart RatePower MetersGPSWearablesHardwareFIT FilesWebhooksOAuth
Scopes: 12 Flows: authorizationCode Method: derived

OAuth endpoints

Authorization URL
https://api.wahooligan.com/oauth/authorize
Token URL
https://api.wahooligan.com/oauth/token
Flows
authorizationCode

Scopes (12)

ScopeDescriptionFlows
email Access the user's email address authorizationCode
offline_data Receive webhook events while the app is closed authorizationCode
plans_read Read workout plans authorizationCode
plans_write Manage workout plans authorizationCode
power_zones_read Read cycling power zones authorizationCode
power_zones_write Manage cycling power zones authorizationCode
routes_read Read GPS routes authorizationCode
routes_write Manage GPS routes authorizationCode
user_read Read user profile authorizationCode
user_write Update user profile authorizationCode
workouts_read Read workouts and summaries authorizationCode
workouts_write Create/update/delete workouts and uploads authorizationCode

Source

OAuth Scopes

wahoo-scopes.yml Raw ↑
generated: '2026-07-11'
method: derived
source: openapi/wahoo-cloud-api-openapi.yml
schemes:
- name: OAuth2
  source: openapi/wahoo-cloud-api-openapi.yml
  flows:
  - flow: authorizationCode
    authorizationUrl: https://api.wahooligan.com/oauth/authorize
    tokenUrl: https://api.wahooligan.com/oauth/token
  description: OAuth 2.0 Authorization Code (with PKCE option for public apps). Access tokens
    are bearer tokens with a 2-hour TTL; refresh tokens are single-use. Starting 2026-01-01,
    apps are limited to 10 unrevoked access tokens per user.
scopes:
- scope: email
  description: Access the user's email address
  flows:
  - authorizationCode
  sources:
  - openapi/wahoo-cloud-api-openapi.yml
- scope: offline_data
  description: Receive webhook events while the app is closed
  flows:
  - authorizationCode
  sources:
  - openapi/wahoo-cloud-api-openapi.yml
- scope: plans_read
  description: Read workout plans
  flows:
  - authorizationCode
  sources:
  - openapi/wahoo-cloud-api-openapi.yml
- scope: plans_write
  description: Manage workout plans
  flows:
  - authorizationCode
  sources:
  - openapi/wahoo-cloud-api-openapi.yml
- scope: power_zones_read
  description: Read cycling power zones
  flows:
  - authorizationCode
  sources:
  - openapi/wahoo-cloud-api-openapi.yml
- scope: power_zones_write
  description: Manage cycling power zones
  flows:
  - authorizationCode
  sources:
  - openapi/wahoo-cloud-api-openapi.yml
- scope: routes_read
  description: Read GPS routes
  flows:
  - authorizationCode
  sources:
  - openapi/wahoo-cloud-api-openapi.yml
- scope: routes_write
  description: Manage GPS routes
  flows:
  - authorizationCode
  sources:
  - openapi/wahoo-cloud-api-openapi.yml
- scope: user_read
  description: Read user profile
  flows:
  - authorizationCode
  sources:
  - openapi/wahoo-cloud-api-openapi.yml
- scope: user_write
  description: Update user profile
  flows:
  - authorizationCode
  sources:
  - openapi/wahoo-cloud-api-openapi.yml
- scope: workouts_read
  description: Read workouts and summaries
  flows:
  - authorizationCode
  sources:
  - openapi/wahoo-cloud-api-openapi.yml
- scope: workouts_write
  description: Create/update/delete workouts and uploads
  flows:
  - authorizationCode
  sources:
  - openapi/wahoo-cloud-api-openapi.yml