Self-healing Garmin Connect OAuth authentication — login, token refresh, and rate limit recovery

Navigation

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for drkostas from gravatar.com drkostas

Unverified details

These details have not been verified by PyPI
Meta
Classifiers
Report project as malware

Project description

garmin-auth

Self-healing Garmin Connect OAuth authentication for Python.

Handles the complex Garmin SSO flow (OAuth1 → OAuth2), automatic token refresh, and rate limit recovery — so you don't have to.

Install

pip install garmin-auth

Quick Start

CLI

# First time — prompts for email and password interactively
garmin-auth login

# Check token status
garmin-auth status

# Refresh tokens (for cron jobs / CI)
garmin-auth refresh

# Pass credentials via flags
garmin-auth login --email you@example.com --password yourpassword

# Or via environment variables
export GARMIN_EMAIL=you@example.com
export GARMIN_PASSWORD=yourpassword
garmin-auth login

After first login, your email is saved to ~/.garmin-auth/config.json so you only need to enter your password on subsequent logins.

Python API

from garmin_auth import GarminAuth

# Reads GARMIN_EMAIL/GARMIN_PASSWORD from env, or uses saved tokens
auth = GarminAuth()
client = auth.login()  # Returns an authenticated garminconnect.Garmin client

# Use the client
activities = client.get_activities(0, 10)

# Rate-limited API calls (retry with backoff on 429)
from garmin_auth import GarminAuth, RateLimiter

auth = GarminAuth()
client = auth.login()
limiter = RateLimiter(delay=1.0, max_retries=3)

activities = limiter.call(client.get_activities, 0, 10)
heart_rates = limiter.call(client.get_heart_rates, "2026-01-01")

# Token maintenance (no client needed)
auth = GarminAuth()
result = auth.refresh()   # {"status": "refreshed", "hours_valid": "23.5", ...}
info = auth.status()      # {"status": "valid", "hours_remaining": 23.5, ...}

How It Works

Three strategies, tried in order:

  1. Cached token — If OAuth2 has >1h remaining, use it (instant)
  2. Token exchange — Use OAuth1 to get fresh OAuth2 (no password needed)
  3. Full SSO login — Email/password through Garmin's SSO flow (last resort)

Tokens stay fresh automatically. Even if they fully expire, the package recovers without manual intervention.

Token Storage

Tokens are saved to ~/.garminconnect/ by default (garth-compatible JSON files).

# Custom token directory
garmin-auth --token-dir /path/to/tokens login

# Custom directory in Python
auth = GarminAuth(token_dir="/path/to/tokens")

For PostgreSQL storage (CI/CD or multi-machine setups):

from garmin_auth import GarminAuth
from garmin_auth.storage import DBTokenStore

auth = GarminAuth(store=DBTokenStore("postgresql://user:pass@host/db"))

Docker

# Build
docker build -t garmin-auth .

# Login (interactive)
docker run -it -v garmin-tokens:/root/.garminconnect garmin-auth login

# Check status
docker run -v garmin-tokens:/root/.garminconnect garmin-auth status

# Refresh (for cron)
docker run -e GARMIN_EMAIL=... -e GARMIN_PASSWORD=... \
  -v garmin-tokens:/root/.garminconnect garmin-auth refresh

Limitations

  • MFA not supported — If your Garmin account has MFA enabled, disable it or use an app password
  • Garmin rate limits — Garmin aggressively rate-limits auth attempts (429). The package handles retries with backoff, but excessive calls in a short period may require waiting 1-24 hours

License

MIT

Project details

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for drkostas from gravatar.com drkostas

Unverified details

These details have not been verified by PyPI
Meta
Classifiers

Release history Release notifications | RSS feed

0.3.0

0.2.1

This version

0.2.0

0.1.1

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

garmin_auth-0.2.0.tar.gz (14.4 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

garmin_auth-0.2.0-py3-none-any.whl (15.8 kB view details)

Uploaded Python 3

File details

Details for the file garmin_auth-0.2.0.tar.gz.

File metadata

  • Download URL: garmin_auth-0.2.0.tar.gz
  • Upload date:
  • Size: 14.4 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for garmin_auth-0.2.0.tar.gz
Algorithm Hash digest
SHA256 85a7ee713ae46025985f16154ec268b07de84e543716f72d643d159af13fde48
MD5 ffdb28b537597a21cb891e73f4b317f5
BLAKE2b-256 5f8fa914007dd7138a4bdfbfec9241171787ee3d82306c0af9d33e51f1a8167e

See more details on using hashes here.

Provenance

The following attestation bundles were made for garmin_auth-0.2.0.tar.gz:

Publisher: publish.yml on drkostas/garmin-auth

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file garmin_auth-0.2.0-py3-none-any.whl.

File metadata

  • Download URL: garmin_auth-0.2.0-py3-none-any.whl
  • Upload date:
  • Size: 15.8 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for garmin_auth-0.2.0-py3-none-any.whl
Algorithm Hash digest
SHA256 3669191873eb7b0d91011fd9b3d5281869f5e0b5f2a29049a7e3d7c1c3a887fd
MD5 7056672ff7f1adb35298aa1e2f7f2e6d
BLAKE2b-256 731f1796a1f11dbc5df7d825c2bf0fe5234261c7333a2eb4bd0016e44acee5a1

See more details on using hashes here.

Provenance

The following attestation bundles were made for garmin_auth-0.2.0-py3-none-any.whl:

Publisher: publish.yml on drkostas/garmin-auth

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page