Skip to main content

MCP server for MyFitnessPal: log, search, and analyze your food diary from any MCP client

Project description

myfitnesspal-mcp

Connect MyFitnessPal to Claude or any MCP client. Log meals by talking, search the food database with macros, track trends, and export your nutrition history — all against your real MyFitnessPal diary.

Published on PyPI as mfp-mcp.

Unofficial. MyFitnessPal has no public API; this reverse-engineers the web app's own endpoints. It can break whenever MFP changes their site. Use at your own risk, with your own account.

Why this one?

MyFitnessPal moved behind Cloudflare + NextAuth, which broke the username/password login that most existing integrations rely on. This server:

  • Authenticates with your browser session cookie over a real Chrome TLS fingerprint (curl_cffi), which passes Cloudflare.
  • Auto-refreshes the session (optional): a headless browser profile rotates the token when it expires, and failed calls retry automatically.
  • Writes, not just reads: log, modify, and delete real diary entries.
  • Search-then-log: get candidates with macros, then log the exact item.

Quickstart

  1. Connect your account (one-time; prompts you to paste a cookie — see Authentication):

    uvx mfp-mcp auth
    
  2. Add the server to your client.

    Claude Code

    claude mcp add myfitnesspal -- uvx mfp-mcp
    

    Claude Desktop (claude_desktop_config.json)

    {
      "mcpServers": {
        "myfitnesspal": {
          "command": "uvx",
          "args": ["mfp-mcp"]
        }
      }
    }
    
  3. Talk to it: "log a banana as a snack", "what did I eat yesterday?", "chart my weight this month".

Requires uv. Any MCP client that speaks stdio or streamable HTTP works, not just Claude.

Authentication

MyFitnessPal killed headless password login, so this uses your browser's session cookie:

  1. Log in at myfitnesspal.com.
  2. Open DevTools (F12) → Application (Chrome) or Storage (Firefox) → Cookieshttps://www.myfitnesspal.com.
  3. Copy the value of __Secure-next-auth.session-token.
  4. Paste it into the mfp-mcp auth prompt (input is hidden).

Pasting the entire Cookie: header from any request in the Network tab also works. Cookies are stored with owner-only permissions in your platform config dir, or supply them via the MFP_COOKIE environment variable instead.

Sessions last around 30 days. When one expires, either re-run auth — or enable auto-refresh so you never have to.

Auto-refresh (recommended)

With the autorefresh extra, auth also seeds a persistent headless browser profile. When MyFitnessPal rejects the session mid-call, the server tells your client it is retrying, boots the profile headlessly, lets MyFitnessPal rotate the session token, saves the fresh cookie, and retries the call.

uvx --from 'mfp-mcp[autorefresh]' playwright install chromium
uvx --from 'mfp-mcp[autorefresh]' mfp-mcp auth

Then use the same --from 'mfp-mcp[autorefresh]' form in your client config (e.g. uvx --from 'mfp-mcp[autorefresh]' mfp-mcp).

Tools

Tool What it does
fitness_get_day Nutrition totals, diary entries, and feel note for a day
fitness_search_food Candidate matches with brand, calories, macros, serving, and ids
fitness_log_food Log a food to the real diary (top match, or an exact search candidate)
fitness_delete_food Remove a diary entry by name match
fitness_modify_food Replace an entry (or change its quantity)
fitness_log_weight Log a weight measurement (updates the same day on re-log)
fitness_get_exercise Read the exercise diary (cardio + strength)
fitness_log_feel Save a subjective "how I feel" note (stored locally, never sent to MFP)
fitness_get_trends One metric over a date range: weight, calories_in, protein, carbs, fat
fitness_bulk_export Whole date range in one call, for analysis

The high-accuracy logging flow: fitness_search_food("greek yogurt") returns candidates with macros and a food_id/weight_id; pass those to fitness_log_food to log exactly that item instead of trusting the top match.

Day summaries and trends read from a local SQLite cache that gap-fills from MyFitnessPal (first call on a fresh install fetches up to 30 days, one request per day — subsequent calls are fast).

Water intake is read-only (it appears in day summaries): MyFitnessPal's water write isn't exposed on any endpoint we've found — /food/water accepts POSTs but ignores them. If you capture the real call in your browser, a PR is very welcome.

Remote / HTTP mode

The default transport is stdio. For network clients:

mfp-mcp --http --host 127.0.0.1 --port 8484

This serves streamable HTTP at /mcp. There is no built-in authentication — never expose it to the internet. Bind to localhost and front it with something that authenticates for you: a VPN/tailnet (e.g. tailscale serve), an authenticating reverse proxy, or an OAuth-aware MCP gateway.

Configuration

Variable Purpose Default
MFP_COOKIE Session cookie (full header or bare token); overrides the saved file
MFP_USERNAME Your MFP username (not email); only needed if profile lookup fails auto-detected
MFP_IMPERSONATE curl_cffi browser fingerprint (try chrome124 on 403s) chrome
MFP_SYNC_DAYS Gap-fill lookback window in days 30
MFP_MCP_DATA_DIR Where the SQLite cache + browser profile live platform data dir

Troubleshooting

  • 403 / Cloudflare blocked: try MFP_IMPERSONATE=chrome124 (or another curl_cffi target). Datacenter IPs get challenged far more than residential ones.
  • "Session expired": re-run mfp-mcp auth, or set up auto-refresh.
  • "couldn't read your MyFitnessPal profile": MFP's profile endpoint 500s for some accounts. Set MFP_USERNAME to your username (not your email).
  • curl_cffi install issues: prebuilt wheels cover Linux/macOS/Windows; musl (Alpine) builds from source.

How it works

  • python-myfitnesspal parses the diary, measurements, and exercise pages — run over a curl_cffi session that impersonates Chrome's TLS fingerprint so Cloudflare lets it through with just the NextAuth session cookie.
  • Writes replicate the web app's own XHR calls: the legacy food-search page supplies the food_id/weight_id that /food/add accepts, and deletes go through /food/remove with the page CSRF token.
  • Day summaries, trends, and exports read a local SQLite cache that gap-fills missing days; feel notes are local-only.

Development

git clone https://github.com/Mason-Levyy/myfitnesspal-mcp
cd myfitnesspal-mcp
uv sync --extra autorefresh
uv run pytest

Tests run against synthetic MyFitnessPal HTML/JSON fixtures — no account needed.

License

MIT

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

mfp_mcp-0.1.1.tar.gz (22.6 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

mfp_mcp-0.1.1-py3-none-any.whl (20.5 kB view details)

Uploaded Python 3

File details

Details for the file mfp_mcp-0.1.1.tar.gz.

File metadata

  • Download URL: mfp_mcp-0.1.1.tar.gz
  • Upload date:
  • Size: 22.6 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for mfp_mcp-0.1.1.tar.gz
Algorithm Hash digest
SHA256 85f249b6dfdfa0b072bc567ad284cbb9ad88c8b7642718742cbf7cad2603b06c
MD5 12254259076d92237aa5fb153f18ae31
BLAKE2b-256 2d85dab7b716c68ad75b779b8be1e00d46656bb85586f4e62f06b4963f9707af

See more details on using hashes here.

Provenance

The following attestation bundles were made for mfp_mcp-0.1.1.tar.gz:

Publisher: publish.yml on Mason-Levyy/myfitnesspal-mcp

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file mfp_mcp-0.1.1-py3-none-any.whl.

File metadata

  • Download URL: mfp_mcp-0.1.1-py3-none-any.whl
  • Upload date:
  • Size: 20.5 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for mfp_mcp-0.1.1-py3-none-any.whl
Algorithm Hash digest
SHA256 702b6634696e7e37ddc00b03e46a57bb8f02c7f77a590ef1cbd798a1f62ba631
MD5 c293b981677d70283c55cef9654049fb
BLAKE2b-256 08e1f015c7f88bbb0ca518c83d18ce1436b2d02595e12c8e300eec3269ae494f

See more details on using hashes here.

Provenance

The following attestation bundles were made for mfp_mcp-0.1.1-py3-none-any.whl:

Publisher: publish.yml on Mason-Levyy/myfitnesspal-mcp

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page