Quick Start
Sign in to the Spike Developer Console at admin.spikeapi.com Under Applications, view your App ID and HMAC Key. (Keep your HMAC key confidential)
Once you have these credentials, you can start using SpikeAPI.

Users will be redirected to a data provider website and users will be asked to submit authentication details. Once the user authorizes access to their data, Spike returns the user back to the application using the callback URL. (You can edit it on the Spike admin Console).
Below part is relevant for the direct integrations with the providers through the SDK excluding Apple Health and Health Connect.
For Apple Health and Health Connect part please go straight to the relevant part
For a user to establish connections with data providers, authenticate the user using a simple function which generates a URL to the data provider page:
Required function parameters:
provider (string) name of the data provider.
In order to be able to retrieve data from Apple Health and Health Connect you will need to establish a connection and request relevant permissions from the user.
To set up the Spike SDK create SpikeConnectionV3 instance with your Spike application id, auth token and user id unique to each of your users:
Once the connection is established you should ask user to grant you access to the relevant health data.
- for Android there are more methods that let you get permissions granted by user, check if Health Connect is installed or should be updated, etc. If you are OK with SpikeSDK handling these, you can use requestHealthPermissions only. On iOS requestHealthPermissions is the only method that has to be called. Keep in mind, that you should do it before trying to read data from Android Health Connect or Apple HealthKit.
For a user to establish connection to Spike authentication must be done. Application user ID should be be constant throughout entire user lifecycle. User requires no pre-registration and will be valid from the moment of first provider integration is authorized.
Required parameters
application_id (int) application_id is constant and can be found on your console after login. It's unique identifyer of your application.
application_user_id (string) id you have selected to uniquely identify user on your own system, for e.g. "my_application_user_123".
signature (string) signature generated per each user using HMAC.
API Integration Initialization To connect users with data providers, first make an API call to get a redirect URL. Then redirect users to this URL to start the OAuth integration process.
API Endpoint:
Provider slug is a canonical name of a provider, eg: fitbit, garmin, huawei, oura, etc
Query parameters:
- redirect_uri (string, url): Optional URL to redirect the user back to after the integration is complete. Must be a whitelisted domain for your application.
- state (string): Optional state parameter that will be passed back to your redirect_uri. Can be used to maintain state between the request and callback.
So to get back an integration URL for garmin you would make the following call
which returns:
You can then redirect the user to path which would initiate the integration process
Once you have created a SDK connection or user authorized themselves directly through the provider page you are able to retrieve their data. In order to do that you will need to utilise our SDK or API endpoitns. Please refer to the more detailed guide in our dedicated SDK guides or API reference:
With our newest API version we are changing the approach how we are dealing with the user data. In order for our clients to retrieve their user data more easily we will be storing user data on our end. Through the Spike console you are able to change for how long you would like to for us to store your user data.
The option to not store the data remains available.
Please also note that Data Retention Policy directly correlates with the historical data. For example if you will set up your Data Retention Policy for 10 days, you will be able to retrieve user data for the past 10 days.