Unable to integrate api

Mujeeb Saifi

Jul 19, 2025, 5:55:49 AM
to fatsecret Platform API
Hey everyone, I am new here exploring the fatsecret API. I am unable to understand how I integrate the API in my project, as I will be using Supabase for user authentication but fatsecret has its own authentication methods like OAuth 2.0, OAuth 1.0, and 3-Legged Authentication; everything is kind of confusing. Do I need to authenticate my requests to the fatsecret API? I have generated a client ID and secret key but am not sure where to use them. Any help would be appreciated.

seba...@fatsecret.com

Jul 20, 2025, 9:10:43 PM
to fatsecret Platform API
Thanks for reaching out. You can use the API with OAuth1.0 without IP restrictions.

To better secure OAuth 2.0 we have implemented IP Restrictions, which 'white list' IP Addresses for a given client Key/Secret.
 
We block requests to fatsecret API for a Key/Secret if the source IP is not white listed. Before releasing these IP ranges we allowed only 15 specific IP addresses, now we allow up to 15 ranges of IP addresses in your account under "Manage API Keys".
 
Example (recommended for your use case described above): 0.0.0.0/0 => is a range that allows any IPv4 address (see https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing).
 
For Mobile apps we would recommend using an API proxy server to avoid Mobile Apps communicating directly with fatsecret APIs.
 
This proxy should be responsible for:
 
- Managing the validity / renewal of your OAuth 2.0 access tokens
- Forwarding any fatsecret related requests to fatsecret APIs
 
Please avoid having your client's credentials as part of your Mobile App source code / configuration.

Patrick Chasco

Jul 21, 2025, 12:33:01 AM
to fatsecret-p...@googlegroups.com
The two authentications are unrelated. You’ll need to get an auth token for your client through your own backend (don’t put the client secret on the users’ devices), then give it to the client. Your client should then send the auth token with every fs request. The client should not communicate directly with fs api, instead send all requests through your backend which then forwards the requests to fs. Since you are using supabase auth too you’ll need to reserve the authorization header for supabase and send the fs access token through another header to your backend, or just include it in the body of the request.

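The backend proxy that both replies describe (token validity/renewal plus request forwarding, with the client secret kept off the device), as an added example that is not code from the thread or from fatsecret. It assumes a standard OAuth 2.0 client-credentials grant and keeps the access token on the backend; the endpoint URLs are placeholders, and `verifyUser` and the parameter allow-list are hypothetical names.

```javascript
// Added example: runs on your backend only. Endpoint URLs are placeholders
// (assumption); take the real token and API URLs from the fatsecret docs.
const TOKEN_URL = "https://token-endpoint.example/connect/token"; // placeholder
const API_URL = "https://api-endpoint.example/rest";              // placeholder
// Hypothetical allow-list of parameters the app may pass through.
const ALLOWED_PARAMS = new Set(["method", "search_expression", "format"]);

// Caches one client-credentials access token and renews it shortly before expiry.
function createTokenManager({ clientId, clientSecret, fetchImpl = fetch, now = Date.now }) {
  let cached = null;   // { token, expiresAt }
  let inFlight = null; // shared promise so concurrent callers trigger one renewal
  async function renew() {
    const res = await fetchImpl(TOKEN_URL, {
      method: "POST",
      headers: {
        Authorization: "Basic " + btoa(`${clientId}:${clientSecret}`),
        "Content-Type": "application/x-www-form-urlencoded",
      },
      body: new URLSearchParams({ grant_type: "client_credentials" }).toString(),
    });
    if (!res.ok) throw new Error(`token request failed: ${res.status}`);
    const { access_token, expires_in } = await res.json();
    // Treat the token as expired 60 s early so it is never used at the edge.
    cached = { token: access_token, expiresAt: now() + (expires_in - 60) * 1000 };
    return cached.token;
  }
  return async function getToken() {
    if (cached && now() < cached.expiresAt) return cached.token;
    inFlight ??= renew().finally(() => { inFlight = null; });
    return inFlight;
  };
}

// Forwards one app request upstream. The app's Authorization header carries its
// own session (e.g. Supabase) and is checked by the caller-supplied verifyUser.
async function forward({ authorization, params }, { getToken, verifyUser, fetchImpl = fetch }) {
  if (!(await verifyUser(authorization))) return { status: 401, body: { error: "unauthenticated" } };
  const query = new URLSearchParams();
  for (const [k, v] of Object.entries(params)) if (ALLOWED_PARAMS.has(k)) query.set(k, String(v));
  const res = await fetchImpl(`${API_URL}?${query}`, {
    headers: { Authorization: `Bearer ${await getToken()}` }, // token stays server-side
  });
  return { status: res.status, body: await res.json() };
}
```

Load `clientId` and `clientSecret` from the server's environment or secret store, and wire `forward` into whatever HTTP framework or edge function the backend uses.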