WHOOP Central - OAuth + scripts to fetch WHOOP data (sleep, recovery, strain, workouts). Use when user asks about their sleep, recovery score, HRV, strain, or workout data.
Access sleep, recovery, strain, and workout data from WHOOP via the v2 API.
# 1) One-time setup (writes ~/.openclaw/whoop/credentials.json)
node src/setup.js
# 2) Recommended: Get tokens via Postman (see Auth section), then verify
node src/verify.js
node src/verify.js --refresh
# Prompt-friendly snapshot (includes last workout)
node src/today.js
# Daily summary (all metrics)
node src/summary.js
# Individual metrics
node src/recovery.js
node src/sleep.js
node src/strain.js
node src/workouts.js
# Bulk import to ~/clawd/health/logs/whoop/*
node src/import-historical.js
| Metric | Data Points |
|---|---|
| Recovery | Score (0-100%), HRV, resting HR, SpO2, skin temp |
| Sleep |
| Duration, stages (REM/deep/light), efficiency, performance |
| Strain | Daily strain (0-21), calories, avg/max HR |
| Workouts | Activity type, duration, strain, calories, HR |
openssl (only needed for the optional auth.js flow when using https://localhost; Postman auth does not need it)https://oauth.pstmn.io/v1/browser-callback
auth.js):
https://localhost:3000/callback
Team note: this skill does not ship any client credentials. Each user can create their own WHOOP app,
or (if you trust each other) a team can share one app's client_id/client_secret and let multiple WHOOP
accounts authorize it.
Run:
node src/setup.js
This writes ~/.openclaw/whoop/credentials.json (and optionally token.json if you paste tokens).
Postman is the most reliable bootstrap for many accounts because WHOOP may block browser-like traffic to the OAuth endpoints (or behave differently depending on headers).
Postman checklist (don’t skip these):
https://oauth.pstmn.io/v1/browser-callbackoffline (or you won’t get a refresh_token)client_secret_post)