I'm a software developer and over the years I've made a few scripts and tools to collect, parse, analyze, and otherwise interact with my data on Garmin Connect. Most recently, I was interested in using an MCP server to give LLMs access to my data. There are already a few options available, but most of them have been broken by a recent server-side change. Apparently, Garmin is now using Cloudflare TLS fingerprinting, which breaks most/all non-browser clients. That means we can no longer (easily) interact with the Connect REST APIs.
This is really disappointing to me as a customer. The data I record on my devices and store on Garmin Connect are my data, and I expect to be able to access it via reasonable means for whatever purpose I want to use it for. Garmin customers, including myself, made a lot of noise in support of Garmin when Strava recently brought a frivolous lawsuit over patents and data usage. But whether or not it was intentional, this change makes me feel like Garmin is now gatekeeping access to my own data in a similar manner.
I do understand that there are costs associated with running the platform, and there need to be controls in place to prevent malicious misuse or excessive requests from badly-behaved clients. But if that's the primary concern, it's time for Garmin Connect to provide a real, documented public API with OAuth support and the ability for any developer to create a new client for personal use.
