API

When the reject_duplicate_connection setting is enabled on the Team, Vital checks whether or not the provider-reported user ID is already connected to an existing User in your Team.

If it does, the Link API would report the duplicate_connection error.

Check out the Update Team and Create Team endpoint documentation on how to enable the setting.

Check out the Link Errors documentation on how to catch the duplicate_connection error.

We introduce this because there has not been a dependable way for your application logic to understand why a connection attempt has failed, and in turn this prevents your application from providing actionable messages to your end users.

Depending on how you initiate the Link flow, the Link Error would be reported either as a URL query parameter, or as part of the JSON response.

Check out the Link Errors documentation for the detailed guidance.

We introduce this because this helps you understand what resources would and would not be available on a new connection. We also provide insights into how partial consents from users during the OAuth authentication flow can influence the resource availability, so that you can take actions accordingly.

This resource availability report is based on the permissions (also known as API access scopes) the user has granted during the authentication process.

In some cases, a provider resource may be available, but some information could be absent due to some optional scopes having been denied by the user. The availability report includes a full breakdown of granted and denied scopes by their optionality.

You can also query this information at any time through the Get User Connections endpoint.

Check out the Provider Connection Created (provider.connection.created) event schema and the Get User Connections endpoint documentation.

Vital can use this to compute a more accurate workout Heart Rate Zones, when the provider exposes neither heart rate zones nor user age to Vital.

Check out the Heart Rate Zones documentation.

This initial release groups data by Source Type from supported providers.

Check out the Blood Oxygen endpoint documentation for an example.

It also provides the pulled date-time range, as well as a rough estimate of the amount of data ingested (in terms of “days with data”).

Check out the Historical Pull Introspection endpoint documentation.

For example, the endpoint provides:

1. Oldest and newest data timestamp
2. The number of objects sent in *.created events
3. The status and time of the last ingestion attempt (polling or push)

Check out the User Resources Introspection endpoint documentation.

It grants only user-scoped access to your mobile app sign-ins. This allows you to keep your Vital API Keys as server-side secrets.

We encourage all customers using Vital API Keys in their production mobile apps to migrate to the Vital Sign-In Token scheme.

Check out the SDK Authentication guide on how to migrate to this scheme. Check out the Create Sign-In Token endpoint documentation on how to generate tokens for your mobile app sign-ins.