whoop-mcp
Self-hosted MCP server connecting Claude to your WHOOP data via the official API, enabling queries for recovery, sleep, cycles, workouts, and profile.
README
whoop-mcp
A self-hosted MCP server for your WHOOP data, built on the official WHOOP v2 OAuth API.
Bring your own WHOOP developer app (client id + secret). Your tokens live in storage you control — a local file or your Redis. Nothing routes through a third party, and because it uses the official API, it does not violate WHOOP's terms.
Why this exists
| Approach | ToS-safe | Data stays yours | Multi-device / scheduled |
|---|---|---|---|
| Private-API impersonation servers | ❌ account risk | local only | depends |
| Hosted SaaS connectors | ✅ | ❌ third party holds it | ✅ |
| whoop-mcp (this) | ✅ official API | ✅ your infra | ✅ when deployed remotely |
Tools
whoop_get_recovery, whoop_get_sleep, whoop_get_cycles, whoop_get_workouts, whoop_get_profile — each accepts start / end (ISO 8601) and limit where applicable.
Architecture
Claude ──bearer key──▶ whoop-mcp ──OAuth (your client id/secret + token)──▶ WHOOP v2 API
│
└── token store: file (local) | Redis (remote)
Two auth boundaries, kept separate:
- Claude → your server: a bearer key you set (
MCP_BEARER_KEY), also pasted into Claude's connector config. - Your server → WHOOP: your app's client id/secret + a stored, auto-rotating refresh token. Claude never sees your WHOOP credentials.
Refresh tokens are single-use
WHOOP rotates the refresh token on every use — each refresh returns a new one and invalidates the old. So the store must (a) write back the rotated token atomically and (b) lock so two requests can't spend the same token. Both backends handle this; it's why remote/serverless needs Redis (shared, atomic) while a single local process is fine with a file.
Prerequisites
- Node ≥ 20.
- A WHOOP app at https://developer.whoop.com:
- Add redirect URI
http://127.0.0.1:3000/callback(for the one-time auth step). - Enable scopes:
offline,read:recovery,read:sleep,read:workout,read:cycles,read:profile,read:body_measurement. - Copy the Client ID and Client Secret.
- Add redirect URI
npm install
cp .env.example .env # fill in WHOOP_CLIENT_ID / WHOOP_CLIENT_SECRET
Option A — Local (file storage, Claude Desktop)
npm run auth # opens the WHOOP consent URL; stores tokens at ~/.whoop-mcp/tokens.json
npm run build
Add to claude_desktop_config.json:
{
"mcpServers": {
"whoop": {
"command": "node",
"args": ["/absolute/path/to/whoop-mcp/dist/bin/stdio.js"]
}
}
}
Restart Claude Desktop and ask "What's my WHOOP recovery today?". (Works only while Desktop is open on this machine.)
Option B — Remote (Redis storage, works from web + phone + scheduled)
This is the deploy that satisfies "available everywhere + automated". Set these env vars on your host:
STORAGE=redis
UPSTASH_REDIS_REST_URL=...
UPSTASH_REDIS_REST_TOKEN=...
MCP_BEARER_KEY=<long random string>
WHOOP_CLIENT_ID=...
WHOOP_CLIENT_SECRET=...
WHOOP_REDIRECT_URI=http://127.0.0.1:3000/callback
1. Seed the token chain into Redis (run locally once, pointing at the same Upstash):
STORAGE=redis UPSTASH_REDIS_REST_URL=... UPSTASH_REDIS_REST_TOKEN=... npm run auth
2. Deploy. Two supported targets, same code:
- Vercel (serverless):
api/mcp.tsis a ready@vercel/mcp-adapterfunction (routePOST /api/mcp). Runvercel --prod, set the env vars above in the Vercel project, and you're done. RequiresSTORAGE=redis. - Always-on container (Railway / Render / Fly): a standard long-running process —
npm run build && node dist/bin/http.js, exposingPOST /mcpandGET /health. No adapter needed; works with file or redis storage.
3. Add it to Claude as a custom connector: Settings → Connectors → Add custom connector → URL https://your-host/api/mcp (Vercel) or https://your-host/mcp (container), API key = your MCP_BEARER_KEY. Works across claude.ai web, mobile, and desktop, and is available to scheduled Routines.
Test locally without Claude
npm run start:http # in one shell (needs MCP_BEARER_KEY set)
curl -s localhost:3000/health
curl -s localhost:3000/mcp -H "Authorization: Bearer $MCP_BEARER_KEY" \
-H 'Content-Type: application/json' \
-d '{"jsonrpc":"2.0","id":1,"method":"tools/list"}'
Open-source / share it
This is a single-tenant template: each person clones it, registers their own WHOOP app, and deploys their own instance — so everyone's data stays on their own infrastructure. No secrets are committed; all config is env vars. (A multi-tenant hosted service is a deliberately bigger project — per-user encryption, identity, tenant isolation.)
Security notes
- Never commit
.envortokens.json(both are gitignored). - Treat
MCP_BEARER_KEYlike a password; rotate it by updating the env var and the Claude connector. - If you lose the stored refresh token, just re-run
npm run auth.
License
MIT — see LICENSE. Uses the official WHOOP API; you must supply your own developer app credentials.
推荐服务器
Baidu Map
百度地图核心API现已全面兼容MCP协议,是国内首家兼容MCP协议的地图服务商。
Playwright MCP Server
一个模型上下文协议服务器,它使大型语言模型能够通过结构化的可访问性快照与网页进行交互,而无需视觉模型或屏幕截图。
Magic Component Platform (MCP)
一个由人工智能驱动的工具,可以从自然语言描述生成现代化的用户界面组件,并与流行的集成开发环境(IDE)集成,从而简化用户界面开发流程。
Audiense Insights MCP Server
通过模型上下文协议启用与 Audiense Insights 账户的交互,从而促进营销洞察和受众数据的提取和分析,包括人口统计信息、行为和影响者互动。
VeyraX
一个单一的 MCP 工具,连接你所有喜爱的工具:Gmail、日历以及其他 40 多个工具。
graphlit-mcp-server
模型上下文协议 (MCP) 服务器实现了 MCP 客户端与 Graphlit 服务之间的集成。 除了网络爬取之外,还可以将任何内容(从 Slack 到 Gmail 再到播客订阅源)导入到 Graphlit 项目中,然后从 MCP 客户端检索相关内容。
Kagi MCP Server
一个 MCP 服务器,集成了 Kagi 搜索功能和 Claude AI,使 Claude 能够在回答需要最新信息的问题时执行实时网络搜索。
e2b-mcp-server
使用 MCP 通过 e2b 运行代码。
Neon MCP Server
用于与 Neon 管理 API 和数据库交互的 MCP 服务器
Exa MCP Server
模型上下文协议(MCP)服务器允许像 Claude 这样的 AI 助手使用 Exa AI 搜索 API 进行网络搜索。这种设置允许 AI 模型以安全和受控的方式获取实时的网络信息。