Ctrlk
For the complete documentation index, see llms.txt. This page is also available as Markdown.

Shared & custom oAuth-clients

When your users connect their web data sources they will by default connect with the shared "Thryve app" (oAuth-client). This way you can start immediately letting your users connect without the need to go through tedious approval processes to obtain your own oAuth-client with each web data source provider which may take weeks.

Example of connecting Withings via shared Thryve oAuth-client.

While your users connect to the Thryve oAuth-client you still have full control over your users and their data, as well as the kind of data stored, as we're acting as a data processor on your behalf.

When using the shared OAuth clients provided by Thryve, users will be asked to grant access to all data scopes.

Bring your own oAuth-client for custom authorization configurations

We allow our customers to bring their own oAuth-client configuration for web data sources. This way you will be able to configure more granularly which data scopes will be requested from your users as well as be in full control over what information is displayed to your users during the authorization process.

Example of connecting Withings to own oAuth-client with full control of displayed logo and text.

The advantages of bringing your own oAuth-clients are:

  • Ownership and control over the data source developer/app accounts (e.g., Fitbit, Garmin)

  • Custom branding on OAuth consent screens (domain, name, logo)

  • Access to data sources that are not available via Thryve's shared oAuth-clients

  • API rate limits are tied to the customer’s own developer account, not shared with others

  • Improved user trust and brand consistency - users see the customer’s identity, not Thryve’s

Create your own oAuth-client

You can create and configure your own oAuth-client through the developer portals or support channels provided by each data source (e.g., Fitbit, Garmin). During this setup, it is essential to specify URLs for redirection and pinging as provided by Thryve to ensure seamless integration with Thryve.

To assist you in this process, we offer a series of guides detailing the configuration steps for various data sources:

Please reach out to our support team to receive the correct URLs ({{appName}}.und-gesund.de) for redirection and ping configuration

A note on data scopes

When requesting authorization, certain data scopes are requested from the end users. Data scopes are broad categories of data that the user will grant access to. Scopes can be e.g. "Activity", "Sleep", or "Profile", which each enable access to different kinds of data.

For some data sources, users need to actively confirm access to individual scopes or can narrow down and proceed without granting access to all data. When access is not granted to a given scope, Thryve won't be able to retrieve this data for the specific user.

Data scope selection when authorizing Fitbit.

Therefore, we advise explaining to end users what data scopes will be requested as well as the purpose of the requested data. Ensure users understand that their experience with your app will be affected if not all data scopes as data might be missing.

PreviousOverviewNextData source types & retrieval methods

Last updated