Introducing our API

FitQuest Ecosystem Illustration

At FitQuest we’re keen to ensure the data we provide can be used in the best possible way to support the member experience in club and with their trainers. As such we use an open API (application programming interface) which allows you to integrate your systems with ours. For example, you might display your members’ FitQuest results directly in the members’ area of your website, integrate them into your own mobile apps, or generate your own custom reports.

Alternatively, you might seek to extend our capabilities by combining our fitness measurements with other third-party data (like activity, or diet, for example).

Our fitness API currently provides the following information:

  • Measurements
    FitQuest FQ results of a specified user (requested by id, hash, token or email address).
  • Organisations
    A list of Organisations accessible to the caller.
  • Sites
    A list of Sites accessible to the caller where FitQuest is installed.
  • Users
    Users who performed FQ Fitness Measurements in a given Site.

An example API response is shown below. Please refer to our API documentation for more information concerning the various endpoints.

curl -X GET --header 'Authorization: Bearer XXX.YYY.ZZZZ' 'https://api.fqscore.com/api/v1/Measurements/User/ByEmail/demo%40example.com/'
Status: 200 OK
{
    "Measurements": [
        {
            "MeasurementType": "FQResults",
            "Source": "FitQuestKiosk",
            "TestGUID": "1b67fa313c0a4a799964ed622adbcfe4",
            "TestDate": "2016-03-28T15:15:00.0000000Z",
            "TestFQOverall": 80,
            "TestFQLowerBodyStrength": 70,
            "TestFQLowerBodyEndurance": 151,
            "TestFQUpperBodyStrength": 139,
            "TestFQUpperBodyEndurance": 38,
            "TestFQExplosiveLegPower": 13,
            "TestFQMotorSensoryControl": 112,
            "TestFQSpeedAbility": 95,
            "TestFQCardio": 115
        },
        {
            "MeasurementType": "FQResults",
            "Source": "FitQuestKiosk",
            "TestGUID": "c6753b6726c84c899e97b1c38b1c8f02",
            "TestDate": "2016-01-02T17:43:00.0000000Z",
            "TestFQOverall": 69,
            "TestFQLowerBodyStrength": 71,
            "TestFQLowerBodyEndurance": 150,
            "TestFQUpperBodyStrength": 119,
            "TestFQUpperBodyEndurance": 25,
            "TestFQExplosiveLegPower": 9,
            "TestFQMotorSensoryControl": 92,
            "TestFQSpeedAbility": 72,
            "TestFQCardio": 91
        },
        {
            "MeasurementType": "FQResults",
            "Source": "FitQuestKiosk",
            "TestGUID": "6bccd341184847fd8cca191e357be646",
            "TestDate": "2015-12-08T06:19:00.0000000Z",
            "TestFQOverall": 65,
            "TestFQLowerBodyStrength": 76,
            "TestFQLowerBodyEndurance": 146,
            "TestFQUpperBodyStrength": 113,
            "TestFQUpperBodyEndurance": 25,
            "TestFQExplosiveLegPower": 10,
            "TestFQMotorSensoryControl": 86,
            "TestFQSpeedAbility": 57,
            "TestFQCardio": 91
        }
    ]
}

Authentication

Currently we offer two levels of API access for our customers; Standard and Enterprise†.

  • Standard allows you to request approval from individual end-users to access their FitQuest data (via a three-legged authentication model).
  • Enterprise (available to approved organisations only) grants access to all site and member data for your organisation – leaving you to authenticate the end-user as required within your own systems.

Access to our API requires an API token and secret which developers can generate from our Developer Dashboard. If you would like access to our API please get in touch so we can register your developers with our system and grant the appropriate access.

Authentication Sequence

The API token/secret authenticates your application with FitQuest in exchange for an encrypted JWT bearer token for the session. The bearer token has restricted scope to specific end-users and expires automatically – making it ideal for client side use (e.g. mobile apps). Your enterprise token/secret should always remain server side for maximum security.

Query Sequence

Your JWT bearer session token must be supplied to each call of our API endpoints for authentication. The request is verified against the scope originally authenticated. i.e. the data being requested belongs to the user originally authenticated.

We hope you find the API useful and look forward to seeing the integrations you come up with!

†To protect our members, API access is subject to our approval, terms & conditions and privacy policy. Enterprise access requires subscription.