withings

This MCP server connects Withings health data to Claude, allowing natural-language access to sleep data, body metrics, workouts, heart data, and more. After configuring the server, you can authorize Withings access via the OAuth flow and then interact with Claude to ask questions like sleep quality trends, weight trajectories, heart-rate patterns, or workout summaries. The server exposes tools that map to Withings data endpoints, enabling conversations such as 'What was my average sleep duration last week?' or 'Show my weight trend for the past month.' The integration focuses on privacy, encrypting tokens at rest and redacting sensitive identifiers from logs, while providing a transparent interface for reviewing and auditing the data handling.

Withings data available through this MCP includes sleep analytics, body measurements, activity metrics, heart data, and device-specific information. Available conversational tools cover: sleep and activity insights, intraday activity, workouts, measures (weight, body composition, vitals), user devices and goals, heart records and signals, and optional stethoscope data if supported by your devices. Use natural language prompts to fetch summaries, compare periods, or drill into detailed measurements, all within Claude or any MCP-compatible client.

Prerequisites:

• Node.js installed (LTS version) or a compatible runtime channel for the MCP server setup
• Access to Withings developer credentials to obtain CLIENT_ID and CLIENT_SECRET
• Optional: Docker if you prefer containerized deployment

Step 1: Clone the repository "git clone https://github.com/akutishevsky-withings-mcp.git" "cd akutishevsky-withings-mcp"

Step 2: Install dependencies "npm install" # or npm ci if you have a package-lock.json

Step 3: Configure environment Create a .env file or set environment variables as shown in mcp_config. Example .env: WITHINGS_CLIENT_ID=your-withings-client-id WITHINGS_CLIENT_SECRET=your-withings-client-secret WITHINGS_REDIRECT_URI=https://your-domain.com/callback TOKEN_ENCRYPTION_KEY=your-32-byte-key-for AES-256-GCM LOG_LEVEL=info REDIS_URL=redis://localhost:6379 DATABASE_URL=postgres://user:password@localhost:5432/withings_mcp

Step 4: Run the server "npm start" # or the equivalent node command if you run directly

Optional Step 5: Running with Docker If you prefer Docker, build and run the container (adjust image name and env vars accordingly): "docker build -t withings-mcp ." "docker run -d --name withings-mcp -e WITHINGS_CLIENT_ID=... -e WITHINGS_CLIENT_SECRET=... -p 3000:3000 withings-mcp"

Step 6: Verify startup Check logs for a ready message indicating the MCP server is listening for connections.

Tips and caveats:

• Ensure your OAuth redirect URI is correctly registered in your Withings app settings and matches the redirect URI in your environment.
• Keep the TOKEN_ENCRYPTION_KEY secure; rotate it only with a proper key management workflow.
• If you rotate credentials, invalidate old tokens and re-authenticate through the OAuth flow.
• For production deployments, consider adding TLS termination and robust secret management (e.g., Vault or cloud KMS).
• If you experience connection timeouts, verify REDIS_URL and DATABASE_URL connectivity and ensure your database user has the required permissions.
• Review the privacy-focused logging notes in the README to understand what data is redacted and how tokens are stored.