How do I install Withings?

Withings is a local plugin. Install it using npm package: withings-mcp-unofficial and add the generated configuration snippet to your AI app's MCP config file. Then restart your AI app.

What credentials does Withings need?

Withings requires the following credentials or environment variables: WITHINGS_CLIENT_ID, WITHINGS_CLIENT_SECRET, WITHINGS_REDIRECT_URI, WITHINGS_TOKEN_PATH, WITHINGS_PRIVACY_MODE, WITHINGS_CACHE, WITHINGS_CACHE_PATH, WITHINGS_NO_CACHE. You can find setup instructions on the server detail page.

What AI apps work with Withings?

Withings uses the Model Context Protocol (MCP) and works with any MCP-compatible AI app, including Claude, ChatGPT / Codex, Gemini, Copilot, Cursor, and more.

Back to Browse

Withings MCP Server

by davidmosiah

Developer ToolsLow Risk9.7Local

Free

Privacy-first, unofficial Withings MCP server for AI health, sleep, activity and heart-rate agents.

About

Privacy-first, unofficial Withings MCP server for AI health, sleep, activity and heart-rate agents.

Security Report

9.7

Low Risk9.7Low Risk

Valid MCP server (1 strong, 1 medium validity signals). No known CVEs in dependencies. ⚠️ Package registry links to a different repository than scanned source. Imported from the Official MCP Registry. 1 finding(s) downgraded by scanner intelligence.

4 files analyzed · 1 issue found

Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.

Permissions Required

This plugin requests these system permissions. Most are normal for its category.

file_system

Check that this permission is expected for this type of plugin.

database

Check that this permission is expected for this type of plugin.

What You'll Need

Set these up before or after installing:

Withings OAuth client ID. Optional when configured with withings-mcp-server setup.Optional

Environment variable: WITHINGS_CLIENT_ID

Withings OAuth client secret. Prefer withings-mcp-server setup so this secret is stored in ~/.withings-mcp/config.json instead of MCP client config.Required

Environment variable: WITHINGS_CLIENT_SECRET

Redirect URI configured in the Withings Developer Dashboard. Optional when configured with withings-mcp-server setup.Optional

Environment variable: WITHINGS_REDIRECT_URI

Optional local path for OAuth tokens. Defaults to ~/.withings-mcp/tokens.json.Optional

Environment variable: WITHINGS_TOKEN_PATH

Optional payload mode: summary, structured, or raw. Defaults to structured. raw means full Withings API payloads, not continuous 24/7 raw sensor telemetry.Optional

Environment variable: WITHINGS_PRIVACY_MODE

Optional SQLite cache toggle. Set to true or sqlite to enable.Optional

Environment variable: WITHINGS_CACHE

Optional local SQLite cache path. Defaults to ~/.withings-mcp/cache.sqlite.Optional

Environment variable: WITHINGS_CACHE_PATH

Set to true to bypass the in-memory HTTP response cache (60s TTL for GET only). POST/PUT/DELETE and 4xx/5xx responses are never cached regardless. Note: Withings's wbsapi.withings.net is POST-only today, so this is currently a no-op.Optional

Environment variable: WITHINGS_NO_CACHE

How to Install

Add this to your MCP configuration file:

{
  "mcpServers": {
    "io-github-davidmosiah-withingsmcp": {
      "env": {
        "WITHINGS_CACHE": "your-withings-cache-here",
        "WITHINGS_CLIENT_ID": "your-withings-client-id-here",
        "WITHINGS_CACHE_PATH": "your-withings-cache-path-here",
        "WITHINGS_TOKEN_PATH": "your-withings-token-path-here",
        "WITHINGS_PRIVACY_MODE": "your-withings-privacy-mode-here",
        "WITHINGS_REDIRECT_URI": "your-withings-redirect-uri-here",
        "WITHINGS_CLIENT_SECRET": "your-withings-client-secret-here"
      },
      "args": [
        "-y",
        "withings-mcp-unofficial"
      ],
      "command": "npx"
    }
  }
}