The empowerment layer
Getting your data out — APIs & aggregators
A wearable's hardware is moot if its data is trapped in a proprietary app. This is the plumbing behind WearScore's empowerment axis: who can actually get the data, in what form, and how. The ecosystem splits into native manufacturer APIs and the middleware that unifies them. For the open-source clients patients and developers use to liberate device data, see the Open source page.
Native manufacturer APIs
Manufacturers secure their REST APIs with OAuth 2.0. Because the payload is protected health information, expect strict token management, regional data-storage rules, rate limiting, and increasingly a paywall on access itself.
| Provider | Access & auth | How data is delivered | Notable quirks |
|---|---|---|---|
| Dexcom CGM | OAuth 2.0; three tiers — Sandbox, Limited (≤5 users), Full Commercial (manual approval + data licensing). | Polling the /v3/users/self/egvs endpoint every 5 min; no real-time webhooks. | No granular scopes — apps get all data and must self-minimize. |
| Abbott LibreView CGM | Highly restricted, region-licensed; needs Practice IDs tied to regional accounts. | Account-based pull via integration partners (e.g. Junction). | Floating time basis needs careful timezone normalization; MFA often triggers out-of-band verification. |
| Whoop v2 | OAuth 2.0 authorization-code; granular scopes (read:recovery, read:sleep…). Free with a membership. | RESTful polling of paginated sleeps/workouts/recoveries (~4 KB/day). | v2 dropped v1's webhooks for polling. |
| Oura v2 | OAuth 2.0; requires an active paid subscription for Gen3/Gen4 to transmit via API. | JSON with a data array + next_token pagination; deep endpoints (daily_sleep, heart_rate…). | API access was pulled from non-members in 2024–25. |
| Meta Device Access Toolkit | Android SDK rather than a REST API. | Real-time StreamSession / VideoFrame classes — camera, mic, high-frequency sensors. | Built for on-device hardware streaming, not cloud pulls. |
| J-Style / JCVital BLE SDK | Direct Bluetooth Low Energy SDK — no cloud-to-cloud needed. | Raw 50 Hz PPG via BLE characteristics; webhook events (health.ecg.irregular_rhythm). | Cross-platform Flutter; among the most open raw-data models here. |
| Empatica Cloud API (trials) | Built for Clinical Trial Management Systems; sponsor-level access. | Avro/CSV exported straight into AWS S3; 300+ FDA-cleared biomarkers. | Remote participant + wear-compliance management. |
| EnLiSense SWEAT AWARE | Hierarchical org-admin model approves user access. | API/SDK pull of continuous cortisol, CRP, calprotectin streams. | B2B2C / research orientation. |
There's a counterintuitive split here. The big consumer brands like Oura and Whoop increasingly put API access behind a paid membership, while hardware built for researchers and developers, such as Empatica and J-Style, offers the most open raw data. So the devices you can most easily pull clean data from are often not the ones a typical patient is buying.
Data-aggregation middleware
Native APIs fragment fast: different schemas, different endpoints, different token lifecycles, and frequent deprecations. A market of "wearable middleware" has grown up to handle the OAuth logic and normalize all that disparate JSON into one model, so an app can query Garmin activity and Oura sleep through the same endpoints.
| Platform | Core strength | Integrations & features | Best for |
|---|---|---|---|
| ROOK | Data normalization | Fitbit, Garmin, Whoop, Apple Health, Oura — one integration for many. | Enterprise fitness/wellness apps needing real-time analytics. |
| Open Wearables | Unified schema + AI | Normalizes complex data (e.g. Oura temperature deviations); includes an MCP server to connect data to LLMs. | Open-source option; full data ownership, no per-user SaaS fees. |
| Validic | Clinical & EHR integration | Dexcom, Abbott, Withings Pro, Smart Meter; handles strict medical licensing. | Hospital systems needing FDA-cleared device data. |
| Vitalera | Rapid development | Auto-generates integration code; high-volume biometric/behavioral data. | Digital-health products and insurers scaling fast. |
| Impilo | RPM logistics + SDK | Device shipping logistics and bidirectional flow for Biobeat, Omron, AliveCor. | Remote-patient-monitoring programs. |
| Terra | High-frequency webhooks | Dexcom, Garmin, Oura; raw data to JSON, FIT or FHIR; pushes to Mongo/GCS/SQL. | Fast-scaling consumer apps needing instant webhook delivery. |
Validic remains the trusted intermediary for locked-down, FDA-cleared devices like Dexcom and Abbott CGMs. Open Wearables takes the token-refresh lifecycle off your hands while staying open-source, and ships an MCP server so an AI assistant can work over a person's normalized health data.
Why this sits at the heart of WearScore
In WearScore, empowerment is a property of a device's plumbing rather than a slogan. A device that lets you export clean data through an open API, or even a plain CSV, hands real control to the patient. One that locks its API behind a fee or keeps the data inside an app does not. That is the layer the empowerment score is judging; the how rating works page has the full rubric.