ROOK
Roadmap
TryRook
Changelog
Back to changelog
Powered by Canny

new

Authorization Endpoint Optimization

This project focuses on optimizing the authorization endpoint for data sources in ROOK. The new version,
/v2
, replaces the previous version
/v1
, which returned a flat response with simple boolean values.
The redesigned version delivers a richer and more visually informative structure, aimed at improving the experience for both developers and end users. The response now includes:
  • Name of the data source (e.g., Apple Health, Garmin, Fitbit)
  • User's authorization status
  • Logo of the data source
This enhanced endpoint allows for more dynamic, intuitive, and user-friendly interfaces, making it easier to visualize which wearables or health apps are currently connected.
Endpoint Request
  • Method:
    GET
  • URL:
    /api/v2/user_id/{user_id}/data_sources/authorized
  • Example Response:
{
"data_sources": [
{
"data_source": "Oura",
"status": false,
"image": "https://example.com/images/oura.png"
},
{
"data_source": "Apple Health",
"status": true,
"image": "https://example.com/images/apple_health.png"
},
...
]
}
Key Features of the New Endpoint
  • Simplified and enriched JSON structure with visual metadata
  • Improved performance and data load efficiency
  • Scalable across multiple platforms and devices
  • Compatible with both API and SDK integrations
  • Ideal for user-facing dashboards and connection interfaces
Frequently Asked Questions
What is the authorized endpoint?
It’s an API resource that allows you to check whether a user has authorized health or wellness data sources such as wearables or apps (e.g., Fitbit, Garmin, Apple Health).
What is the endpoint URL?
GET /api/v2/user_id/{user_id}/data_sources/authorized
What improvements does it offer over version /v1?
  • Enriched structure including name, image, and status per source
  • Better performance and clarity
  • More personalized and user-friendly interfaces
  • Replaces a simple boolean-based response with a detailed object list
What parameters are required?
user_id
: required string (unique identifier of the user)
What does a typical response look like?
A list of objects representing each enabled source, including its authorization status and an image for UI rendering.
What HTTP status codes are returned?
  • 200 OK: Data retrieved successfully
  • 400 Bad Request: Invalid or missing parameters
  • 401 Unauthorized: Authentication failure
  • 500 Internal Server Error: Unexpected server error