Quick Start

Obtain API Credentials
Sign in to the Spike Developer Console at admin.spikeapi.com Under Applications, view your App ID and HMAC Key. (Keep your HMAC key confidential)
Once you have these credentials, you can start using SpikeAPI.
Integration Flow
﻿
Users will be redirected to a data provider website and users will be asked to submit authentication details. Once the user authorizes access to their data, Spike returns the user back to the application using the callback URL. (You can edit it on the Spike admin Console). 
Below part is relevant for the direct integrations with the providers through the SDK excluding Apple Health and Health Connect. 
For Apple Health and Health Connect part please go straight to the relevant part﻿ 
Mobile SDK Integration Initialization
For a user to establish connections with data providers, authenticate the user using a simple function which generates a URL to the data provider page:
Swift
let url = spikeConnection.getIntegrationInitUrl(provider: .garmin)
UIApplication.shared.open(URL(string: url), options: [:], completionHandler: nil)
let url = spikeConnection.getIntegrationInitUrl(provider: .garmin)
UIApplication.shared.open(URL(string: url), options: [:], completionHandler: nil)
﻿
Required function parameters:
provider (string) name of the data provider.
Apple Health / Health connect initialization
In order to be able to retrieve data from Apple Health and Health Connect you will need to establish a connection and request relevant permissions from the user. 
To set up the Spike SDK create SpikeConnectionV3 instance with your Spike application id, auth token and user id unique to each of your users:
JS
import Spike from 'react-native-spike-sdk';

const connection = await Spike.createConnectionAPIv3(
    "applicationId",
    "signature", 
    "endUserId"
);
import Spike from 'react-native-spike-sdk';

const connection = await Spike.createConnectionAPIv3(
    "applicationId",
    "signature", 
    "endUserId"
);
﻿
Once the connection is established you should ask user to grant you access to the relevant health data. 
JS
// This call may present user with OS native modal asking for read 
// permissions needed to get steps and distance data. If you want to 
// present it only once, you should list all the statistic types you 
// plan to use. Otherwise, you can call this only before you actually 
// want to use the data.
spikeConnection.requestHealthPermissions([StatisticsType.steps, StatisticsType.distanceTotal])
// This call may present user with OS native modal asking for read 
// permissions needed to get steps and distance data. If you want to 
// present it only once, you should list all the statistic types you 
// plan to use. Otherwise, you can call this only before you actually 
// want to use the data.
spikeConnection.requestHealthPermissions([StatisticsType.steps, StatisticsType.distanceTotal])
﻿
for Android there are more methods that let you get permissions granted by user, check if Health Connect is installed or should be updated, etc. If you are OK with SpikeSDK handling these, you can use requestHealthPermissions only. On iOS requestHealthPermissions is the only method that has to be called. Keep in mind, that you should do it before trying to read data from Android Health Connect or Apple HealthKit.
API Authentication
For a user to establish connection to Spike authentication must be done. Application user ID should be be constant throughout entire user lifecycle. User requires no pre-registration and will be valid from the moment of first provider integration is authorized.
Curl
curl --location 'https://app-api.spikeapi.com/v3/auth/hmac' \
  --header 'Content-Type: application/json' \
  --header 'Accept: application/json' \
  --data '{
  "application_id": 9999,
  "application_user_id": "my_application_user_123",
  "signature": "string"
}'
curl --location 'https://app-api.spikeapi.com/v3/auth/hmac' \
  --header 'Content-Type: application/json' \
  --header 'Accept: application/json' \
  --data '{
  "application_id": 9999,
  "application_user_id": "my_application_user_123",
  "signature": "string"
}'
﻿
Required parameters
application_id (int) application_id is constant and can be found on your console after login. It's unique identifyer of your application.  
application_user_id (string) id you have selected to uniquely identify user on your own system, for e.g. "my_application_user_123". 
signature (string) signature generated per each user using HMAC.
Node.js
Python
Go
PHP
const crypto = require('crypto');

// Example: signUser("my_application_user_123")
function signUser(userId) {
  const hmacKey = "HMAC_KEY_FROM_ADMIN_CONSOLE";
  const hmac = crypto.createHmac('sha256', hmacKey);
  hmac.update(userId);
  return hmac.digest('hex');
}
const crypto = require('crypto');

// Example: signUser("my_application_user_123")
function signUser(userId) {
  const hmacKey = "HMAC_KEY_FROM_ADMIN_CONSOLE";
  const hmac = crypto.createHmac('sha256', hmacKey);
  hmac.update(userId);
  return hmac.digest('hex');
}
﻿
API Integration Initialization
API Integration Initialization
To connect users with data providers, first make an API call to get a redirect URL. Then redirect users to this URL to start the OAuth integration process.
API Endpoint:
Text
https://app-api.spikeapi.com/v3/providers/{provider_slug}/integration/init_url
https://app-api.spikeapi.com/v3/providers/{provider_slug}/integration/init_url
﻿
Provider slug is a canonical name of a provider, eg: fitbit, garmin, huawei, oura, etc
Query parameters:
redirect_uri (string, url): Optional URL to redirect the user back to after the integration is complete. Must be a whitelisted domain for your application.
state (string): Optional state parameter that will be passed back to your redirect_uri. Can be used to maintain state between the request and callback.
So to get back an integration URL for garmin you would make the following call
Curl
curl -X GET "https://app-api.spikeapi.com/v3/providers/garmin/integration/init_url" 
-H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiI5OTk5Iiwic3ViIjoiYXBwbGljYXRpb24tdXNlci1pZC0xMjMifQ.XnI1y4tkRjdiSeHwUqdmk9em-hTPojtMzbOU30nMd_Y"
curl -X GET "https://app-api.spikeapi.com/v3/providers/garmin/integration/init_url" 
-H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiI5OTk5Iiwic3ViIjoiYXBwbGljYXRpb24tdXNlci1pZC0xMjMifQ.XnI1y4tkRjdiSeHwUqdmk9em-hTPojtMzbOU30nMd_Y"
﻿
which returns:
JSON
{
"provider_slug": "garmin",
"path": "https://app-api.spikeapi.com/v3/providers/garmin/integration/init/ic/8usq2PfXN1G6Zfic3ViIjoiYXVSQk9bGjBeAcDiClovYuaHR5fO0qic3ViIjoiYXjuCHcFG8O2AUqLw"
}
{
"provider_slug": "garmin",
"path": "https://app-api.spikeapi.com/v3/providers/garmin/integration/init/ic/8usq2PfXN1G6Zfic3ViIjoiYXVSQk9bGjBeAcDiClovYuaHR5fO0qic3ViIjoiYXjuCHcFG8O2AUqLw"
}
﻿
You can then redirect the user to path which would initiate the integration process
Data retrieval
Once you have created a SDK connection or user authorized themselves directly through the provider page you are able to retrieve their data. In order to do that you will need to utilise our SDK or API endpoitns. Please refer to the more detailed guide in our dedicated SDK guides or API reference:
﻿SpikeSDK iOS﻿ 
﻿SpikeSDK Android﻿ 
﻿SpikeSDK React Native﻿ 
﻿SpikeSDK Flutter﻿ 
﻿API reference﻿ 
﻿
Data Retention Policy
With our newest API version we are changing the approach how we are dealing with the user data. In order for our clients to retrieve their user data more easily we will be storing user data on our end. Through the Spike console you are able to change for how long you would like to for us to store your user data. 
The option to not store the data remains available.
Please also note that Data Retention Policy directly correlates with the historical data. For example if you will set up your Data Retention Policy for 10 days, you will be able to retrieve user data for the past 10 days.
﻿
Permissions