Oura Ring · Authentication Profile

Oura Authentication

Authentication

Oura Ring secures its APIs with apiKey, http, and oauth2 across 4 declared security schemes, as derived from its OpenAPI definitions. OAuth 2.0 is offered via the authorizationCode flow(s).

HealthWearablesSleepFitnessHeart RateReadinessSmart RingBiometrics
Methods: apiKey, http, oauth2 Schemes: 4 OAuth flows: authorizationCode API key in: header

Security Schemes

BearerAuth http
scheme: bearer
OAuth2 oauth2
· flows: authorizationCode
ClientIdAuth apiKey
· in: header (x-client-id)
ClientSecretAuth apiKey
· in: header (x-client-secret)

Source

Authentication Profile

Raw ↑
generated: '2026-07-11'
method: derived
source: openapi/oura-oura-ring-api-openapi.yml
summary:
  types:
  - apiKey
  - http
  - oauth2
  api_key_in:
  - header
  oauth2_flows:
  - authorizationCode
schemes:
- name: BearerAuth
  type: http
  scheme: bearer
  sources:
  - openapi/oura-oura-ring-api-openapi.yml
- name: OAuth2
  type: oauth2
  flows:
  - flow: authorizationCode
    authorizationUrl: https://cloud.ouraring.com/oauth/authorize
    tokenUrl: https://api.ouraring.com/oauth/token
    scopes: 8
  sources:
  - openapi/oura-oura-ring-api-openapi.yml
- name: ClientIdAuth
  type: apiKey
  in: header
  parameter: x-client-id
  description: Client ID for webhook subscription endpoints. Must be used together with x-client-secret
    header.
  sources:
  - openapi/oura-oura-ring-api-openapi.yml
- name: ClientSecretAuth
  type: apiKey
  in: header
  parameter: x-client-secret
  description: Client Secret for webhook subscription endpoints. Must be used together with
    x-client-id header.
  sources:
  - openapi/oura-oura-ring-api-openapi.yml