Providers have different authentication flows. Some require a username and password, others require an email address and password. Vital supports the following provider types:

  • OAuth
  • Email
  • Email + Password

The majority of providers are OAuth providers. These providers require a user to be redirected to a third party website to authenticate. Once authenticated, the user is redirected back to the link widget. The Email and Email + Password providers require a user to enter their email address and password into the link widget. This is then sent to Vital and used to connect to the provider.

The list of providers and their oauth types are as follows:

‘OAuth’

Current OAuth providers are:

ProviderDescription
FitbitActivity Trackers (all devices)
GarminFitness watches (all devices)
OuraSmart Sleep tracking ring
StravaRunning & Cycling Social Network
WahooCycling Equipment
iHealthBlood pressure, Fitness scales, Glucometers & Fitness watches
WithingsFitness scales, watches and health monitors
Google FitActivity Trackers (all devices)
PolarFinnish sports tech pioneer
CronometerNutrition data
OmronBlood Pressure data
WhoopSmart Activity Watches
DexcomGlucose monitors

To connect an oauth provider:

import { VitalClient, VitalEnvironment } from '@tryvital/vital-node';
import { LinkTokenExchange, LinkGenerateOauthLinkRequest, OAuthProviders } from '@tryvital/vital-node/api';


const client = new VitalClient({
    apiKey: '<my_api_key>',
    environment: VitalEnvironment.Sandbox,
});

const request: LinkTokenExchange = {
    userId: "<user_id>",
}
const tokenResponse = await client.link.token(request)

const linkRequest: LinkGenerateOauthLinkRequest = {
    vitalLinkToken: tokenResponse.linkToken,
}

const auth = await client.link.generateOauthLink(
    OAuthProviders.<provider>,
    linkRequest
)

For OAuth Providers we return an oauth_url that can be used to redirect users to. In a web view, on redirection, you should check the user has connected to the provider successfully. In the case of mobile, the user should receive a message to return to the app.

The possible error codes that are returned are as follows:

  • 401 INVALID_REQUEST Link Token is Invalid
  • 400 MISSING_LINK_TOKEN Missing link token
  • 400 INVALID_PROVIDER Provider is not supported
  • 400 INVALID_USER_ID User id is incorrect
  • 400 INVALID_CREDENTIALS Credentials for provider are incorrect

‘Email’

Current email providers are:

ProviderDescription
FreestyleAbbott CGM Glucose monitor

‘Email + Password’

Current email and password providers are:

ProviderDescription
RenphoFitness Scales
ZwiftVirtual cycling and running
PelotonPopular Indoor Exercise bike
Eight SleepSmart Mattress
BeurerBlood pressure and glucose devices
HammerheadCycling Computer
Dexcom G6 & OlderCGM Glucose Monitor
MyFitnessPalMeal Tracking Application
KardiaEKG Application

To connect a email and password provider:

import { VitalClient, VitalEnvironment } from '@tryvital/vital-node';
import { IndividualProviderData, PasswordProviders } from '@tryvital/vital-node/api';

const request: IndividualProviderData = {
    username: '<username>',
    password: '<password>',
}
const data = await client.link.connectPasswordProvider(PasswordProviders.<provider>, request)
Launching linkLink Errors