Read-only OAuth · local tokens · agent-native health context
Your body already sends signals. Your agent should know how to listen.
Withings MCP is an unofficial, open-source bridge that gives AI agents safe access to your Withings activity, sleep, body-measure, heart and workout context through the official Withings Public API.
npx -y withings-mcp-unofficial setup16tools
For humans
No API archaeology. No token pasted into agent configs.
Withings developer setup is the hard part. This page gives the exact callback, scopes and commands so a non-technical user can delegate the install safely.
Create your Withings app
Open the Withings developer console and add this callback URL.
http://127.0.0.1:3000/callbackGrant read scopes
The MCP is read-only by default. It needs the scopes below for health and training summaries.
user.activity user.metricsRun setup
npx -y withings-mcp-unofficial setup
npx -y withings-mcp-unofficial auth
npx -y withings-mcp-unofficial doctorThe toolbelt
Processed health signals, shaped for agents.
For agents
A manifest that tells agents how not to break things.
Agents should call withings_agent_manifest and withings_connection_status first. Hermes gets direct tool names and explicit reload guidance so it does not restart the gateway for normal Withings access.
Install the unofficial Withings MCP server for me.
Repo: github.com/davidmosiah/withingsmcp
Scopes: user.activity user.metrics
Then run setup, auth and doctor.
Keep tokens local. No medical diagnosis.Trust boundary
Health data is not a toy payload.
This MCP exposes processed Withings Public API data. It does not expose raw accelerometer telemetry, private Google endpoints, or clinical diagnosis. Raw JSON is explicit; summary and structured modes are safer defaults.
Open source quantified-self infrastructure