WHOOP Integration
betaConnect WHOOP data to Sahha via the WHOOP API.
Overview
Connect WHOOP data to Sahha via the WHOOP API. You register an app with WHOOP, add it to Sahha as an integration, configure webhooks, then connect end users. The connection flow itself is shared across providers — see Integrations for the concepts and Connect a user for the full round-trip.
Public beta
Integrations are in public beta and are Sandbox only . We're still refining the API surface as it matures and will call out any breaking changes here as they land.
| Status | Beta self sign-up |
| API slug | whoop |
| Device | Band |
| Connection | Cloud OAuth |
| Live sync | Pull (webhooks) |
| Backfill on connect | 30 days |
Before you start
Examples use the sandbox environment. Replace sandbox-api.sahha.ai with api.sahha.ai for production — see API Environments .
WHOOP uses self sign-up — no approval step is required to create an app and use it with up to 10 members.
Create a WHOOP account
The WHOOP Developer Dashboard uses the same credentials as your WHOOP account. If you don't already have one, create it first.
Create your WHOOP account
- Download the WHOOP app — App Store or Google Play
- Open the app and tap Sign up
- Register with your email address and create a password
- Verify your email address to activate the account
You don't need a WHOOP device
The app's onboarding is designed around setting up a physical WHOOP, but you don't need one to register a developer app — your account is created at sign-up. Work through the onboarding screens, and when the app asks you to pair a device, skip that step or simply close the app. Your account stays active, and you can sign in to the developer dashboard with it.
With your WHOOP account created, you can sign in to the developer dashboard in the next step.
1. Register your WHOOP app
This gives Sahha the OAuth credentials it uses to request data on your users' behalf.
Open the developer dashboard
Sign in to the WHOOP Developer Dashboard with your WHOOP account. The Your apps page lists any apps you've already created. Click Create New App to start a new one.
Fill in the application details
On the New App form, complete the fields. The name and logo are shown to your end users during the OAuth consent flow, so use values that represent your product.
| Field | What to enter |
|---|---|
| Name | The app name shown to users in the OAuth flow. |
| Logo | A .jpg or .png displayed at a 1:1 (square) ratio in the OAuth flow. |
| Contacts | One or more contact emails. WHOOP sends administrative communications about the app to these addresses — use Add for more than one. |
| Privacy Policy | Link to your privacy policy. Users are shown this link in the OAuth flow. |
Add the Sahha redirect URL
Under Redirect URLs , add the Sahha OAuth callback URL exactly as shown — WHOOP fails the OAuth flow if it doesn't match. Use Add if you need more than one entry.
https://sandbox-api.sahha.ai/api/v1/integration/oauth/whoop/callback https://sandbox-api.sahha.ai/api/v1/integration/oauth/whoop/callback
Select scopes
Under Scopes , tick the data types you want Sahha to ingest:
| Scope | Grants access to |
|---|---|
read:recovery | Recovery information, including score, heart rate variability, and resting heart rate. |
read:cycles | Cycles information, including day strain and average heart rate during a cycle. |
read:sleep | Sleep information, such as duration and start and end time. |
read:workout | Workout information, including activity type and accumulated strain. |
read:profile | Profile information. |
read:body_measurement | Body measurements, such as height, weight, and max heart rate. |
The offline scope is automatic
Sahha also requests the offline scope when a user connects, which returns a refresh token so data keeps syncing without the user re-authorizing. There's no checkbox for this in the dashboard.
Add the webhook URL
Under Webhooks , you'll add Sahha's webhook URL so WHOOP notifies Sahha when new data is available. Sahha generates this URL when you create the integration, so leave this empty for now and complete it in step 3 . Each webhook URL must start with https.
Create the app and copy your credentials
Click Create App to save your application. To view its credentials, open the app from the list under Your apps — its detail page shows your Client ID and Client Secret under Credentials , with the eye icon to reveal the secret. Copy both for the next step.
Up to 10 members by default
A new WHOOP app can be used in development immediately with a limit of 10 WHOOP members — the app's status shows your remaining test users. To launch the app to all WHOOP members, use Request Approval on the app detail page.
2. Create the integration in Sahha
- Go to the Sahha Dashboard .
- Navigate to Direct Integrations → Integrations in the sidebar.
- Click Add integration and select WHOOP from the Provider dropdown.
- Paste in your WHOOP Client ID and Client Secret .
- In the Scopes dropdown, select the same scopes you enabled on your WHOOP app in step 1 — these are what Sahha requests when a user connects.
- Add one or more entries to the Redirect URL Whitelist — the URLs in your own app that Sahha may redirect users back to after OAuth.
- Save the integration.
Match your scopes
By default all provider-supported scopes are selected — not just the ones enabled on your app. Deselect any scopes your WHOOP app isn't approved for so Sahha only requests scopes your app can actually access.
About the Redirect URL Whitelist
When you start the OAuth flow you may optionally pass a redirectUrl — it must match a whitelisted entry. If omitted, Sahha uses the first URL in the whitelist.
After saving, the dashboard displays a webhook URL for this integration. You'll need it next.
3. Configure WHOOP webhooks
WHOOP sends Sahha a webhook when new data is available, and Sahha pulls the data from the WHOOP API in response. You must add Sahha's webhook URL to your application in the WHOOP Developer Dashboard — it isn't configured automatically.
- In the WHOOP Developer Dashboard , open your application.
- Click Edit application and paste the webhook URL from your Sahha integration into the webhookUrl field. Make sure the model version is set to V2 .
- Ensure the application's scopes match the scopes you selected in the Sahha Dashboard (step 2).
- Save.
4. Connect a user
Start the OAuth flow with the user's profile token. WHOOP's slug is whoop:
curl -X GET "https://sandbox-api.sahha.ai/api/v1/integration/oauth/whoop/authorize?redirectUrl=https://yourapp.com/integrations/callback" \ -H "Authorization: profile {your-profile-token}" curl -X GET "https://sandbox-api.sahha.ai/api/v1/integration/oauth/whoop/authorize?redirectUrl=https://yourapp.com/integrations/callback" \
-H "Authorization: profile {your-profile-token}"
{ "authorizationUrl": "https://api.prod.whoop.com/oauth/oauth2/auth?..."} {
"authorizationUrl": "https://api.prod.whoop.com/oauth/oauth2/auth?..."
}
Redirect the user to authorizationUrl to complete authorization. For the full round-trip, prerequisites, language-specific snippets, and the SDK option, see Connect a user .
WHOOP-specific notes
- Redirect URI must match. WHOOP fails the OAuth flow unless the Sahha callback URL is registered in your app's allowed redirect URIs (see step 1, item 4).
- Historical backfill. Sahha backfills 30 days on connect.
- Webhooks must be enabled. See step 3 — without a registered webhook URL, no data is delivered to Sahha.
For data freshness, the connection lifecycle, and disconnecting a user, see Managing connections on the Integrations page.
Support
Need help? Contact support@sahha.ai or join the Slack Community .