Skip to content

MMS Api v1 (1.0.0)

This API enables gym management software to connect to the EGYM system and transmit important pieces of information from the data sphere of the gym to the EGYM system. The "data privacy concept" section in the overview document explains more about the overall logic of data access. This API baiscally operates in "data processing" mode from a gyms' data privacy perspective, i.e. member data can be transmitted without prior individual consent of a user.

Use-case Overview

This API provided by EGYM covers three different use-cases:

  • **User Profile" related operations ("user path") like creating and updating member records
  • Trainer Task related Operations
  • Product/Experience related operations ("gym" path)

User Profile (/user)

This is the most important and most basic form of integration. The "publish" method allows for a combined create/update of whole member records and should be called whenever there is a new member created inside the MMS or meterial details of that record are changed. It also contains the methods to signal a "check-in" and "check-out" event.

Trainer Tasks (/task)

The Trainer Task API allows to interact with the tasks that are created and worked through on the trainer app. It provides CRUD functionalities for those tasks.

Product (/gym)

This API enables gym management software to create and update EGYM products for users on behalf of the gym.

  • It provides methods to retrieve all products that are available in a gym.
  • These products can be activated for users in the gym.
  • The active and future products for a user in a gym can be retrieved.

Test environment

We provide a test environment for integration testing of the API which is particularly helpful during development. Before entering productive mode, we will jointly test all functionalities to ensure that data is correctly sent, received and interpreted.

The endpoint for test environment is: https://mms.api.egym.com/gymapi/v1

Making requests via this ui is not allowed but one can generate an example curl request by clicking "Try it out", filling in some parameters and clicking "Execute". Note the upper- and lower cases and use attribute exactly as indicated. Please note that due to technical reasons the environment may temporarily not be available.

Production environment

The endpoint for production environment is: https://mms.api.egym.com/api/v2

Note on identifiers

EGYM uses the fields userId, membershipId, and eMail to identify members. Since EGYM can accept data from multiple source (EGYM compatible fitness equipment, EGYM apps, and third parties), it is important to use these identifiers correctly.

userId is the identifier assigned to this member by the EGYM server. When publishing data of a member for the first time, the client omits this field since the userId is unknown to the client. The server replies with a valid userId for this member that needs to be stored. On subsequent requests, the client must include the userId received previously.

membershipId is a String identifier used by the gym. This must be unambiguously assigned to this person and must never be reused for other members. membershipIds must be unique within all gyms that share member data (i.e. within the gym chain). The membershipId is not a contractId.

Any publish request must include a valid email address. For members who have previously used the EGYM ecosystem, e.g. our fitness machines, this must be identical to the email address used as EGYM account. It is important to include the correct email address with the first request sent for this member since the first API request will merge this user with pre-existing data for this person.

Note on optional fields

All fields noted as 'required' or 'optional' must be supported by the client software and included in the request if this data is available. Fields with the remark '(optional)' should be supported within the constraints of the client application, if possible.

If the value of an optional field is not known, the client must omit the the field in the request. The EGYM server will then assume that last known value (which may have been retrieved by other channels) is still valid. Please never sent an empty String ("") or empty list ([]) when the actual value is unkown.

Example imageData: The imageData field has due to its nature a larger size than other fields. Thus, it make sense to include this field only if this is the first publish request for this user or if the image has changed. Please do not include an unchanged image in subsequent requests. However, if the first requests failed for any reason (e.g. internet unavailable or HTTP status > 299), then the client must include the image when retrying.

Example rfidList: Sending rfidList: [] will overwrite the list of RFIDs for this member with the emtpy list. That is, this user will not be able to use EGYM equipment. On the other hand, if rfidList is missing from the request, the list of RFIDs is unchanged.

Example dateOfBirth: If the member's birthday is not known, it is OK to omit the field. However sending "dateOfBirth":"" (empty String) is invalid.

Encoding

All endpoints use the JSON data type for request and response bodies and UTF-8 character encoding. In your HTTP request, please declare the Content-Type for your JSON body: "Content-type: application/json"

Error handling

Requests which cannot be processed will return a special JSON object with "error" and optionally "error text" fields. Authentication problems, for example, return the following JSON: {"error":401, "errorText":"The provided user name or password is incorrect."}

Error codes

Informational

  • 200 OK - successful request
  • 204 No Content - successful request with empty response body

Client Error

  • 400 Bad Request - The email is invalid. (Email field does not match the expected format of valid email addresses)
  • 401 Unauthorized - The provided login credentials are wrong. (The combination of accessToken and gymID are wrong.)
  • 403 Forbidden - Blacklisted user (Email address is blacklisted)
  • 404 Not Found - User not found. (GET request with userId for user that does not exist)
  • 404 Not Found - Email address not found. (GET request with userId for user with email address that does not exist)
  • 404 Not Found - Could not find any user with RFID = 0x.... (GET request with RFID for user that does not exist)
  • 405 Method Not Allowed - Method Not Allowed (Using GET without required data to be presented via POST)
  • 409 Conflict - Conflict in the request (Request could not be processed because of conflict.)
  • 415 Unsupported Media Type - Unsupported Media Type (Unsupported Media Type; add "Content-type: application/json" to the header of your request)

404 error codes can indicate that user was deleted on EGYM server (e.g. he deleted his own account via the website).

Server Error

  • 500 Internal Server Error - Internal Server Error (A bug in the server. If this occurs in productions it is probably caused by unexpected behavior of the client, i.e. there is also a bug in the client.)

Authentication

Authentication is validated via an access token that is generated by EGYM for each gym location. EGYM requires a unique email for each member. EGYM uses the email address or other keys such as RFID-Id to initially match existing users in our data base. Server authentication of a request requires 2 additional parameters:

  • gymId: the gym location ID, as assigned by EGYM – gym chains will receive one gymId for each location
  • accesstoken: access token, provided by EGYM – each gym has a unique token

Example: https://mms.api.egym.com/gymapi/v1/user/publish?gymId=123

X-ACCESS-TOKEN: ABCDE

To test, use the Authorize-Button on the right to insert the token as a query parameter to every request.

Download OpenAPI description
api.json
api.yaml
Overview
Languages
Servers
Mock server
https://developer.egym.com/_mock/mms-api-v2/gymapi/api/
Test
https://mms.api.ed.ts.egym.coffee/v1/
Prod
https://mms.api.egym.com/v1/

gym

Operations

user

Operations

alive

Operations

task

Operations