Developers & API

REST API v1 - Professional API Access

REST API v1 - Professional API Access

BuildStability provides a professional REST API for third-party developers and integrations. This API uses industry-standard OAuth 2.0 authentication and hides implementation details for better security and maintainability.

⚠️ Developer Access Required

Detailed technical documentation (endpoints, schemas, authentication) is available to registered developers. This ensures proper security, compliance, and support.

Access Requirements:

- Subscription: Starter plan or above - API Access: Must be enabled in Business Settings → API & Integrations - Developer Account: Sign up at `/developers/signup` for full documentation

What You Can Do:

The REST API enables: - Client Management - List, create, update, and archive clients - Appointment Management - Schedule and manage appointments - Program Management - Assign and track workout programs - Revenue & Analytics - Access business metrics and reports - Custom Integrations - Build third-party tools and dashboards

Authentication:

The REST API uses OAuth 2.0 Client Credentials flow: 1. Register an OAuth app in the Developer Portal 2. Receive `client_id` and `client_secret` 3. Exchange credentials for access token 4. Use access token in API requests

Example:

```bash # Get access token curl -X POST https://buildstability.com/api/oauth/token \ -d "grant_type=client_credentials&client_id=YOUR_CLIENT_ID&client_secret=YOUR_CLIENT_SECRET"

# Use access token curl -X GET https://buildstability.com/api/v1/clients \ -H "Authorization: Bearer YOUR_ACCESS_TOKEN" ```

Security & Privacy:

- ✅ OAuth 2.0 - Industry-standard authentication - ✅ Scoped Permissions - Fine-grained access control (read, write, admin) - ✅ Token Expiration - Short-lived access tokens (1 hour) - ✅ Row Level Security - All queries automatically filtered to your business data - ✅ Compliance - GDPR, HIPAA compliant data handling

Rate Limiting:

API requests are rate-limited by subscription tier: - Essential: 50 requests/15min, 1,000/day - Starter: 100 requests/15min, 5,000/day - Pro: 200 requests/15min, 15,000/day - Studio: 500 requests/15min, 50,000/day

Getting Full Documentation:

To access detailed technical documentation including: - Complete endpoint reference - Request/response schemas - Authentication examples - Code samples (cURL, TypeScript, Python) - Best practices guide

Please: 1. Sign up for a developer account at `/developers/signup` 2. Enable API access in your Business Settings 3. Register an OAuth app in the Developer Portal 4. Access full documentation at `/developers/api`

Why Developer Access is Required:

- Security: Protects database schema and design patterns - Privacy: Ensures compliance with data protection regulations - Support: Allows us to provide proper technical support - Best Practices: Follows industry standards (similar to Xero, Strava, Garmin Connect)

Alternative: Use MCP Tools

For AI agents and most use cases, we recommend using our MCP Server, which provides: - Pre-built business operations - Optimized queries - Rate limiting aligned with subscription tiers - Full documentation available publicly

See the MCP Integration Guide for details.

REST API vs MCP:

| Feature | REST API | MCP Server | |---------|----------|------------| | Protocol | Standard REST (HTTP) | JSON-RPC 2.0 | | Authentication | OAuth 2.0 | JWT (user login) | | Use Case | Third-party integrations | AI agents | | Documentation | Developer portal (after signup) | Public | | Best For | Custom apps, dashboards | AI assistants, automation |

Related Resources

Ready to implement these strategies?

Join thousands of trainers using BuildStability to automate engagement tracking and prevent churn.

Start Your Free Trial