Authentication

The FatSecret Platform REST API allows you to access the FatSecret Platform, as long as you're signed up as a developer. To protect developers and users of the FatSecret Platform, we support both OAuth 2.0 and OAuth 1.0. The REST API requires that developers use either of the OAuth protocols to securely sign all requests.
Note that you must be signed up as a developer, and agree to our Terms of Service in order to obtain the credentials required to send requests to the REST API.
  • For OAuth 2.0: Client ID and Client Secret
  • For OAuth 1.0: Consumer Key and Shared Secret
There are two types of request that the REST API supports: Signed Requests, and Signed and Delegated Requests.

While OAuth 1.0 supports both types of request, it is important to note that OAuth 2.0 only supports Signed Requests!

Signed Requests (Client ID and Token - OAuth 2.0, Consumer Key and Signature - OAuth 1.0)

All requests to the REST API must be signed (using your pre-assigned Shared Secret).
Signed Requests, as opposed to Signed and Delegated Requests, are where you are requesting information that is not on behalf of (or specific to) any single user's profile with the FatSecret Platform. For instance, the food.get.v3 API method returns detailed nutritional information for a specified food. As the response of this call returns information about a shared concept (i.e., a single food item), and there is nothing about the response that is tailored to any specific user or individual, requests to the food.get.v3 API method must be signed, so that the Platform can verify the request, but the requests do not need to include the additional credentials of the particular user on whose behalf you are making the request.

Signed and Delegated Requests (Consumer Key and Access Token and Signature - OAuth 1.0 ONLY)

Most requests to the REST API can be thought of as executing on behalf of an individual user. For instance, weights.get_month.v2 returns the recorded weight values for a nominated user and a nominated month, while food_entry.create records an entry in a nominated user's Food Diary.
In order to enable the recording and storage of information on a per-user basis, the FatSecret Platform provides developers with profiles. A profile is the unique identifier for an individual user in the FatSecret Platform. You can create profiles for your own users on demand by providing your own unique identifier for each profile you create (e.g., member name, email address, or unique member identifier). Alternatively, you can create a profile without providing any user-specific information and take care of storing the profile's oauth_token and oauth_secret (the profile unique identifier and signing key) in your own system (see the profile.create method).
The Profile Management REST API methods provide you with mechanisms for generating unique OAuth access tokens for each user of your site or service and for retrieving the secret for each token so that you can sign these requests on behalf of your users. For more information see API methods: profile.create and profile.get_auth.
In addition to creating profiles for your own users, you can also use the full 3-legged OAuth provided by FatSecret.com to obtain an access token for a profile that is directly linked to a user account on FatSecret.com. For more information click here.
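The difference between the two OAuth 1.0 request types, shown as an added example that is not FatSecret's own code. It assumes the HMAC-SHA1 signature method from RFC 5849, POST requests and a placeholder endpoint URL; the `method` and `food_id` parameter names and all keys, tokens and secrets are constructed sample values.

```python
import base64, hashlib, hmac, secrets, time
from urllib.parse import quote

# Assumptions (not from the page): HMAC-SHA1 per RFC 5849, POST, placeholder URL.
URL = "https://api.example.test/rest"

def pct(value):
    """RFC 5849 section 3.6 percent-encoding: only unreserved characters stay raw."""
    return quote(str(value), safe="-._~")

def signature(url, params, consumer_secret, token_secret=""):
    """HMAC-SHA1 over the signature base string, keyed by both secrets."""
    pairs = sorted((pct(k), pct(v)) for k, v in params.items())
    normalized = "&".join(f"{k}={v}" for k, v in pairs)
    base_string = "&".join(["POST", pct(url), pct(normalized)])
    # A signed-only request has no token secret, so the key ends with a bare "&".
    key = f"{pct(consumer_secret)}&{pct(token_secret)}"
    digest = hmac.new(key.encode(), base_string.encode(), hashlib.sha1).digest()
    return base64.b64encode(digest).decode()

def build_request(api_params, consumer_key, consumer_secret,
                  token=None, token_secret="", nonce=None, timestamp=None):
    """Return the full parameter set for a signed or signed-and-delegated request."""
    params = dict(api_params)
    params.update(
        oauth_consumer_key=consumer_key,
        oauth_nonce=nonce or secrets.token_hex(16),
        oauth_signature_method="HMAC-SHA1",
        oauth_timestamp=str(timestamp or int(time.time())),
        oauth_version="1.0",
    )
    if token is not None:  # delegated: names the profile the call acts for
        params["oauth_token"] = token
    params["oauth_signature"] = signature(URL, params, consumer_secret, token_secret)
    return params

def verify(received, consumer_secret, token_secret=""):
    """Server-side check: recompute the signature and compare in constant time."""
    unsigned = {k: v for k, v in received.items() if k != "oauth_signature"}
    expected = signature(URL, unsigned, consumer_secret, token_secret)
    return hmac.compare_digest(expected, received.get("oauth_signature", ""))

# Constructed sample credentials and parameters, for illustration only.
signed = build_request({"method": "food.get.v3", "food_id": "1234"},
                       "sample-consumer-key", "sample-shared-secret")
delegated = build_request({"method": "weights.get_month.v2"},
                          "sample-consumer-key", "sample-shared-secret",
                          token="sample-profile-token", token_secret="sample-profile-secret")
```

Because the profile's oauth_secret is half of the signing key for delegated calls, it belongs in server-side storage alongside the Shared Secret, never in client code.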

© 2023 FatSecret. All rights reserved.