TLS fingerprinting blocks third-party clients

I'm a software developer and over the years I've made a few scripts and tools to collect, parse, analyze, and otherwise interact with my data on Garmin Connect. Most recently, I was interested in using an MCP server to give LLMs access to my data. There are already a few options available, but most of them have been broken by a recent server-side change. Apparently, Garmin is now using Cloudflare TLS fingerprinting, which breaks most/all non-browser clients. That means we can no longer (easily) interact with the Connect REST APIs.

This is really disappointing to me as a customer. The data I record on my devices and store on Garmin Connect are my data, and I expect to be able to access it via reasonable means for whatever purpose I want to use it for. Garmin customers, including myself, made a lot of noise in support of Garmin when Strava recently brought a frivolous lawsuit over patents and data usage. But whether or not it was intentional, this change makes me feel like Garmin is now gatekeeping access to my own data in a similar manner.

I do understand that there are costs associated with running the platform, and there need to be controls in place to prevent malicious misuse or excessive requests from badly-behaved clients. But if that's the primary concern, it's time for Garmin Connect to provide a real, documented public API with OAuth support and the ability for any developer to create a new client for personal use.

  • Same here! It is a shame you got rid of it. I used it to track my runs over the long term and build fun visuals. Now I can no longer do that!

  • I fully support this too. I had also implemented a Python script to download the files and learnt in my spare time how to play with them: group similar routes made many times and compare my performance on them. It had been fun to develop and the result was highly motivating, as I was getting extra insights for my classic hikes / cycling rides.

    Also, plugging Claude API on top of that to get smart analysis had become a very interesting project. I was very happy with my Garmin. I was.

  • I build my own software the Connect APIs that I only use myself with my own data to ironically get around Garmin's lack of features I need. We pay that much for their devices, it's my data, why the *** can't I access it properly is criminal and should be illegal.

    Garmin shows again they don't care at all, yeah no worries, just screw us all over again. Why not release a working developer program first and give us an actual proper option to create a personal API key? I don't even care at this point, rate limit the F outa me, all I care is getting my activities for the day.

    Instead Garmin just want us to continue to use scrapers to piss us all off, great work team... (btw no probs, I'll do that, it's not hard, but the principle of how they approach this all along is just complete BS, that is what annoys me most).

    In actual fact, I am doing Garmin a big favour with my software, I want to make it a larger offering, it will make them more money in the end by people needing Garmin devices in the first place!

    GARMIN FIX THIS ASAP

  • I'm in the same boat as the rest of the gang. I just want to track my steps 4am to 4am because I never go to sleep at midnight and it's unfeasible without having an API connection to Garmin. But the point here is wider than step counting at weird hours: Garmin can never build all the weird and crazy and wonderful things that people come up with - and having an API that people can use to access THEIR OWN DATA is a multiplier in value, not a downgrade. If I was buying a device today, I would buy a smart device where I also have unrestricted access to my data so I can analyze it and use it conveniently the way I want to. Currently unfortunately that brand is not Garmin.

  • If I was buying a device today, I would buy a smart device where I also have unrestricted access to my data so I can analyze it and use it conveniently the way I want to. Currently unfortunately that brand is not Garmin

    Just curious - which one is it?

    BTW, can't you simply download all the data you need directly from the watch? I realize it is not as convenient as being able to access it online, but at least you do have all the data there. And it can be automated too, if you do not mind connecting the watch over the USB to a computer with a custom script pulling the daily metrics before Connect or Express sync and wipe it from the watch (activities stay on the watch anyway). It can all be done.

  • Garmin is blocking users from being able to make use of their personal health data. This is profoundly unacceptable. We should either demand a programmatic dump utility of all our personal data (every single bit of it) or dump Garmin products altogether.

  • Hey Garmin,

      makes a really really good point here. 

    I landed on this page because my home-written application broke. It is a PHP implementation that just downloads all MY activities, from Garmin Connect to my own database to do some analysis. Why is there no decent API with a decent authentication flow? Fair use or rate limiting all sound fine - but it should at the very least be possible to access our own data this way.