Peloton Integration
Reverse-engineered API — no official partnership
Peloton does not publish a developer API. The vitalera integration targets the same endpoints used by the Peloton web app (api.onepeloton.com). Authentication is session-cookie based. Endpoints may change without notice.
Peloton workouts (Bike, Bike+, Tread, Row, App-only) include rich per-second performance data that complements raw HR.
Data types
| Category | Highlights |
|---|---|
| Workouts | Type, duration, start/end, instructor, class id |
| Heart rate | Per-second trace (if HR monitor paired) |
| Calories | Per-workout total |
| Distance | Rides / runs / rows |
| Performance graph | Output (watts), cadence (rpm), resistance |
Connection
curl -X POST https://api.vitalera.io/api/connected-accounts/peloton/oauth/initiate/ \
-H "Authorization: Bearer <user_token>" \
-d '{"username_or_email": "user@example.com", "password": "••••••"}'
The integration logs in and stores the returned session cookies. No OAuth — Peloton has no OAuth server.
Polling
Peloton does not push. vitalera polls /api/user/{id}/workouts on a schedule and fetches per-workout performance graphs on new detections.