Skip to main content

MCP server for MyFitnessPal: log, search, and analyze your food diary from any MCP client

Project description

myfitnesspal-mcp

Connect MyFitnessPal to Claude or any MCP client. Log meals by talking, search the food database with macros, track trends, and export your nutrition history — all against your real MyFitnessPal diary.

Published on PyPI as mfp-mcp.

Unofficial. MyFitnessPal has no public API; this reverse-engineers the web app's own endpoints. It can break whenever MFP changes their site. Use at your own risk, with your own account.

Why this one?

MyFitnessPal moved behind Cloudflare + NextAuth, which broke the username/password login that most existing integrations rely on. This server:

  • Authenticates with your browser session cookie over a real Chrome TLS fingerprint (curl_cffi), which passes Cloudflare.
  • Auto-refreshes the session (optional): a headless browser profile rotates the token when it expires, and failed calls retry automatically.
  • Writes, not just reads: log, modify, and delete real diary entries.
  • Search-then-log: get candidates with macros, then log the exact item.

Quickstart

  1. Connect your account (one-time; prompts you to paste a cookie — see Authentication):

    uvx mfp-mcp auth
    
  2. Add the server to your client.

    Claude Code

    claude mcp add myfitnesspal -- uvx mfp-mcp
    

    Claude Desktop (claude_desktop_config.json)

    {
      "mcpServers": {
        "myfitnesspal": {
          "command": "uvx",
          "args": ["mfp-mcp"]
        }
      }
    }
    
  3. Talk to it: "log a banana as a snack", "what did I eat yesterday?", "chart my weight this month".

Requires uv. Any MCP client that speaks stdio or streamable HTTP works, not just Claude.

Authentication

MyFitnessPal killed headless password login, so this uses your browser's session cookie:

  1. Log in at myfitnesspal.com.
  2. Open DevTools (F12) → Application (Chrome) or Storage (Firefox) → Cookieshttps://www.myfitnesspal.com.
  3. Copy the value of __Secure-next-auth.session-token.
  4. Paste it into the mfp-mcp auth prompt (input is hidden).

Pasting the entire Cookie: header from any request in the Network tab also works. Cookies are stored with owner-only permissions in your platform config dir, or supply them via the MFP_COOKIE environment variable instead.

Sessions last around 30 days. When one expires, either re-run auth — or enable auto-refresh so you never have to.

Auto-refresh (recommended)

With the autorefresh extra, auth also seeds a persistent headless browser profile. When MyFitnessPal rejects the session mid-call, the server tells your client it is retrying, boots the profile headlessly, lets MyFitnessPal rotate the session token, saves the fresh cookie, and retries the call.

uvx --from 'mfp-mcp[autorefresh]' playwright install chromium
uvx --from 'mfp-mcp[autorefresh]' mfp-mcp auth

Then use the same --from 'mfp-mcp[autorefresh]' form in your client config (e.g. uvx --from 'mfp-mcp[autorefresh]' mfp-mcp).

Tools

Tool What it does
fitness_get_day Nutrition totals, diary entries, and feel note for a day
fitness_search_food Candidate matches with brand, calories, macros, serving, and ids
fitness_log_food Log a food to the real diary (top match, or an exact search candidate)
fitness_delete_food Remove a diary entry by name match
fitness_modify_food Replace an entry (or change its quantity)
fitness_log_weight Log a weight measurement (updates the same day on re-log)
fitness_get_exercise Read the exercise diary (cardio + strength)
fitness_log_feel Save a subjective "how I feel" note (stored locally, never sent to MFP)
fitness_get_trends One metric over a date range: weight, calories_in, protein, carbs, fat
fitness_bulk_export Whole date range in one call, for analysis

The high-accuracy logging flow: fitness_search_food("greek yogurt") returns candidates with macros and a food_id/weight_id; pass those to fitness_log_food to log exactly that item instead of trusting the top match.

Day summaries and trends read from a local SQLite cache that gap-fills from MyFitnessPal (first call on a fresh install fetches up to 30 days, one request per day — subsequent calls are fast).

Water intake is read-only (it appears in day summaries): MyFitnessPal's water write isn't exposed on any endpoint we've found — /food/water accepts POSTs but ignores them. If you capture the real call in your browser, a PR is very welcome.

Remote / HTTP mode

The default transport is stdio. For network clients:

mfp-mcp --http --host 127.0.0.1 --port 8484

This serves streamable HTTP at /mcp. There is no built-in authentication — never expose it to the internet. Bind to localhost and front it with something that authenticates for you: a VPN/tailnet (e.g. tailscale serve), an authenticating reverse proxy, or an OAuth-aware MCP gateway.

Configuration

Variable Purpose Default
MFP_COOKIE Session cookie (full header or bare token); overrides the saved file
MFP_USERNAME Your MFP username (not email); only needed if profile lookup fails auto-detected
MFP_IMPERSONATE curl_cffi browser fingerprint (try chrome124 on 403s) chrome
MFP_SYNC_DAYS Gap-fill lookback window in days 30
MFP_MCP_DATA_DIR Where the SQLite cache + browser profile live platform data dir

Troubleshooting

  • 403 / Cloudflare blocked: try MFP_IMPERSONATE=chrome124 (or another curl_cffi target). Datacenter IPs get challenged far more than residential ones.
  • "Session expired": re-run mfp-mcp auth, or set up auto-refresh.
  • "couldn't read your MyFitnessPal profile": MFP's profile endpoint 500s for some accounts. Set MFP_USERNAME to your username (not your email).
  • curl_cffi install issues: prebuilt wheels cover Linux/macOS/Windows; musl (Alpine) builds from source.

How it works

  • python-myfitnesspal parses the diary, measurements, and exercise pages — run over a curl_cffi session that impersonates Chrome's TLS fingerprint so Cloudflare lets it through with just the NextAuth session cookie.
  • Writes replicate the web app's own XHR calls: the legacy food-search page supplies the food_id/weight_id that /food/add accepts, and deletes go through /food/remove with the page CSRF token.
  • Day summaries, trends, and exports read a local SQLite cache that gap-fills missing days; feel notes are local-only.

Development

git clone https://github.com/Mason-Levyy/myfitnesspal-mcp
cd myfitnesspal-mcp
uv sync --extra autorefresh
uv run pytest

Tests run against synthetic MyFitnessPal HTML/JSON fixtures — no account needed.

License

MIT

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

mfp_mcp-0.1.3.tar.gz (23.3 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

mfp_mcp-0.1.3-py3-none-any.whl (20.6 kB view details)

Uploaded Python 3

File details

Details for the file mfp_mcp-0.1.3.tar.gz.

File metadata

  • Download URL: mfp_mcp-0.1.3.tar.gz
  • Upload date:
  • Size: 23.3 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for mfp_mcp-0.1.3.tar.gz
Algorithm Hash digest
SHA256 9542b5bb99cbc592d282e8ad2ef33f951495c435d488a90fe968fb5f7093b6f1
MD5 33a355ac63f36b5c813aa76da0cb56be
BLAKE2b-256 7a12aa701d9b5d03087b58db95406f11e82e92395c3a88a18655069629cd6986

See more details on using hashes here.

Provenance

The following attestation bundles were made for mfp_mcp-0.1.3.tar.gz:

Publisher: publish.yml on Mason-Levyy/myfitnesspal-mcp

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file mfp_mcp-0.1.3-py3-none-any.whl.

File metadata

  • Download URL: mfp_mcp-0.1.3-py3-none-any.whl
  • Upload date:
  • Size: 20.6 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for mfp_mcp-0.1.3-py3-none-any.whl
Algorithm Hash digest
SHA256 3b8a11d7441f2d9b79b71fb9144569b43bf4fb56ce4f4c2dbf0b9e49fcb1eaba
MD5 84a9351392a82f8a4cbd3b0f0e147ef3
BLAKE2b-256 3cca2708002c95ad3d05d8ba28a67cad11b8a2ea50f6653468eca5de80c9cdf3

See more details on using hashes here.

Provenance

The following attestation bundles were made for mfp_mcp-0.1.3-py3-none-any.whl:

Publisher: publish.yml on Mason-Levyy/myfitnesspal-mcp

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page