Skip to main content

Get help

Partners cannot unlink a user from their application, however the user can do it at the following link (note that client_id and USERID must be replaced):

Cloud name / medical certificationUnlink URL
EU Medical Cloud / Public Cloud
GDPR compliant, ISO 27001:2017 and HDS certified
https://account.withings.com/partner/disconnect_partner/client_id?selecteduser=USERID
US Medical Cloud
US based, ISO 27001:2017 certified, HIPAA and GDPR compliant
https://account.us.withingsmed.com/partner/disconnect_partner/client_id?selecteduser=USERID

How do I create several partner applications under one account?

You can only have one partner application per account. You need to create a different account in order to create another partner application.

I get this error when creating or updating my partner application: This is not a valid URL

For more information, please refer to the Callback URL section in the Glossary.

Can I use an IP address or localhost as the callback URL or redirect URI?

Localhost and IP addresses are not allowed as callback URLs or redirect URIs.

For more information, please refer to the Callback URL section in the Glossary.

Can I still use my OAuth1.0 application?

Since November 2018 OAuth 1.0 applications are no longer supported. Please migrate to an OAuth2.0 application by registering a new application on your Developer Dashboard.

How do I avoid asking the user to allow my app during authentication every time?

Please refer to the OAuth 2.0 - Get your access token step in order to get the Access Token used to call our API and the Refresh Token used to refresh it.

How do I force a Withings customer to logout before following the OAuth2.0 process?

Redirect the customer to this URL:

Cloud name / medical certificationLogout URL
EU Medical Cloud / Public Cloud
GDPR compliant, ISO 27001:2017 and HDS certified
https://account.withings.com/logout?r=YOUR_AUTHORIZATION_CODE_ENCODED_URL
US Medical Cloud
US based, ISO 27001:2017 certified, HIPAA and GDPR compliant
https://account.us.withingsmed.com/logout?r=YOUR_AUTHORIZATION_CODE_ENCODED_URL

With YOUR_AUTHORIZATION_CODE_ENCODED_URL as the encoded version of the /authorize2 URL.

Why do I get a CORS policy error?

Requests from the client-side javascript or web browser is not permitted.

Why do I get this error? Invalid Params: invalid code

Authorization codes expires after 30 seconds, so you need to request and use a new code.

Why do I get this error? Invalid_params: invalid grant_type

Make sure you did a POST call with params in the body.

Why do I get this error? Invalid_request: The client ID was not specified in the request

Make sure you did a POST call with params in the body.

I get this error: client_id not authorized

Make sure that you are not using OAuth1.0 credentials. You have to create an OAuth2.0 app and use OAuth2.0 credentials even if you previously had an OAuth1.0 app.

Why do I get this error? The redirect URI provided is missing or does not match the partner callback URL

Make sure that redirect_uri is set as the parameter and its value is specified as the Callback URL in your partner application (or contained if it is a list). It must at least have the same domain.

The https://wbsapi.withings.com endpoint is not working

The correct URL is https://wbsapi.withings.net

The https://account.withings.com/oauth2_user/authorize endpoint is not working

The correct URL is https://account.withings.com/oauth2_user/authorize2

This is not necessary because we send you the notification and subsequently delete the notifications for this user.

Why do I get this error? User is temporarily deactivated

When a customer wants to delete a user, there is a seven day delay to allow the customer to change their mind and reactivate it. As a partner API, you should not delete the user until the end of the delay in case the customer reactivates it. It is best to retry a call to our API once a day until the user is reactivated or deleted. If it is deleted you will receive an invalid refresh error at refresh action.

How to create testing data in order to have non-empty responses?

Measure - Getactivity: use a Withings/Nokia activity tracker or link Apple Health to Withings HealthMate application. Measure - Getintradayactivity: use a Withings/Nokia activity tracker or link Apple Health to Withings HealthMate application. Sleep - v2 Get: use a sleep tracker such as Withings/Nokia Sleep or a Withings/Nokia activity tracker. Sleep - v2 Getsummary: use a sleep tracker such as Withings/Nokia Sleep or a Withings/Nokia activity tracker. User - v2 Getdevice: install at least one Withings/Nokia device. Measure - Getmeas: manually add a measurement in the Withings HealthMate application or Withings web dashboard. Measure - v2 Getworkouts: manually add a workout in the Withings HealthMate application or Withings web dashboard.

How do I remove my partner application?

In order to remove your partner application, data and all associated tokens, you need to request deletion using the link below. Once requested, it will be deleted after seven days and a cancel button will appear in your Developer Dashboard. Before the end of the seven-day period, you can cancel the deletion request by clicking on the cancel button.

How do I transfer ownership of my partner application?

Please contact us to transfer ownership of your partner application.

I can't find my answer here.

You can contact us with your question by clicking on the help button on the bottom right corner of this page.

My json parsing system is failing because it appears I'm receiving a json array instead of a json object, is this normal?

This behavior is a known issue of our legacy code. We will not change it on the current API version so that we don't risk breaking existing integrations, however this issue will be fixed in a future version of the API. For now, you should make sure your json parser is able to handle that case.

Help

Login required

Please log in to your Developer Dashboard in order to file a request.

OK