Currently, access to HTTP servers (without encryption) is only possible when Garmin devices are paired with iOS devices. When paired with Android devices, HTTPS is enforced.
To my understanding, this is not an inherent limitation of Android itself, but rather a choice in the implementation of Garmin Connect Mobile on Android.
The apps I develop focus on home automation use cases, where the watch communicates with servers running inside the user's home network, either directly over the local network or through lightweight VPN solutions such as Tailscale. These servers often do not provide HTTPS with valid certificates. In some setups this can be solved using cloud-based reverse proxies, but in many cases users would need to configure their own reverse proxy and certificate management, which is often beyond their technical capabilities.
As a result, practical use of these apps is currently often limited to iOS users.
While I understand that this is a relatively niche use case, I believe it is still a valid one where requiring HTTPS does not necessarily provide additional security benefits, especially for local or VPN-only connections controlled entirely by the user.
Therefore, I would suggest reconsidering this limitation on Android and allowing HTTP access for Connect IQ applications, similar to the current behavior on iOS. From an Android perspective, this may be as simple as enabling cleartext traffic support (for example via the usesCleartextTraffic option or a network security configuration).
-
the-ninth
in reply to jim_m_58
-
Cancel
-
Vote Up
0
Vote Down
-
-
More
-
Cancel
Comment-
the-ninth
in reply to jim_m_58
-
Cancel
-
Vote Up
0
Vote Down
-
-
More
-
Cancel
Children