Does Strava MCP fetch raw sensor data?

It can fetch Strava activity streams for recorded activities when available, such as heartrate, cadence, watts, altitude and GPS. It does not provide continuous 24/7 raw device telemetry.

Where do Strava secrets live?

Strava credentials and OAuth tokens stay on the user's machine under ~/.strava-mcp/. MCP tools intentionally do not return OAuth token values.

Is GPS returned by default?

No. Summary mode removes GPS/map fields and structured mode limits geometry. Raw GPS streams require explicit include_gps=true or privacy_mode=raw.

Does it support Hermes agents?

Yes. setup --client hermes writes a pinned Hermes MCP config and local skill. doctor --client hermes checks the server config and recommends /reload-mcp instead of gateway restarts for normal data access.

stravamcp.vercel.app · open source · unofficial

Turn every activityinto agent-ready signal.

Strava MCP is a local-first bridge that lets AI assistants reason about runs, rides, routes, streams, heart rate, power, elevation and weekly load without handing them your tokens or exposing GPS by accident.

Install in 3 commands Give this to your agent

npx -y strava-mcp-unofficial setup

21 toolsactivities, streams, routes, stats
6 resourcesagent-readable context
0 write scopesread-only by default
Scope-awaredoctor catches weak tokens

Unofficial.This project is not affiliated with, endorsed by, sponsored by, or supported by Strava, Inc. Use it only with your own account and the official Strava OAuth flow.

Primary sitestravamcp.vercel.app SourceGitHub repo Installnpm package MirrorGitHub Pages

The product idea

From workout log to training intelligence.

Charts tell you what happened. Agents can help decide what to do next: push, consolidate, change route, protect recovery or investigate intensity drift.

Read the effort

Activities, streams, zones, routes, clubs and gear come from your authorized Strava account.

Protect location

GPS is useful but sensitive. Summary and structured modes avoid raw route geometry unless you explicitly ask.

Choose the next move

Your assistant can convert load, distance, elevation, HR and power into practical training decisions.

Data boundary

Clear about what Strava exposes.

This bridge uses the official Strava API v3. It can read activity streams when Strava provides them, but it does not claim continuous sensor telemetry.

Yes

Activities and streams

Runs, rides, swims, distance, moving time, elevation, HR, power, cadence, zones and recorded activity streams.

Raw

Upstream API payloads

privacy_mode=raw returns supported Strava endpoint JSON. GPS streams require explicit intent.

No 24/7 telemetry

Strava activity streams are tied to recorded activities, not continuous wearable telemetry outside workouts.

Local-first architecture

Designed for trust before scale.

OAuth stays official, tokens stay local, and MCP tools expose clear contracts for agents instead of scraped or ambiguous data.

Official API boundaryNo private Strava endpoints or hidden scraping.

Agent-readable contractsstrava_agent_manifest and strava_capabilities explain tools, limits, clients and privacy modes.

Training workflowsDaily and weekly summaries turn activities into decisions.

Architecture diagram showing Strava OAuth through a local MCP server into AI agents

Guided setup

Install it without becoming a developer.

Create a Strava app, run three commands, then paste one MCP config into your AI client.

Path A

I am a human

Create a Strava API app, paste credentials into setup, authorize once in the browser, then run doctor.

Path B

I want my agent to help

Copy the delegation prompt below. It tells your assistant exactly what to install and what not to expose.

Jump to agent prompt

Step 1

Create your Strava app

Open Strava API settings and use a local callback.

Redirect URIhttp://127.0.0.1:3000/callback

Read scopesread activity:read_all profile:read_all

Open Strava API Settings

Step 2

Authorize locally

The CLI collects credentials, opens Strava in your browser and stores tokens locally. doctor now verifies the token has activity:read_all profile:read_all read before agents start calling activity tools.

npx -y strava-mcp-unofficial setup
npx -y strava-mcp-unofficial auth
npx -y strava-mcp-unofficial doctor

Step 3

Connect your AI assistant

Use it with Claude Desktop, Cursor, Windsurf, Hermes, OpenClaw or any MCP-over-stdio client.

Server installs can run setup --client hermes, then verify with doctor --client hermes and hermes mcp test strava. After config changes, use /reload-mcp; no gateway restart is needed for normal data access.

Show MCP config

{
  "mcpServers": {
    "strava": {
      "command": "npx",
      "args": ["-y", "strava-mcp-unofficial"]
    }
  }
}

Toolbelt

Built for agents that need decisions, not screenshots.

Start broad with summaries, then drill into a specific activity, stream, route or zone only when it matters.

Activitieslist, details, zones, streams

Training summariesdaily and weekly load reviews

Routesroute metadata with GPS caution

Athleteprofile, stats, HR/power zones

Agent manifestclient rules, Hermes aliases, install contract

Safetystatus, audit, cache, revoke

Trust boundary

GPS is treated like a secret.

Routes can reveal home, work, habits and routines. This MCP is designed so agents get useful training context without seeing OAuth tokens or raw coordinates by accident.

Read-only default

No upload/write scope in the default install.

Local tokens

Tokens live under ~/.strava-mcp/ with user-only permissions.

GPS guarded

Raw lat/lng streams require explicit opt-in.

No medical advice

Training context, not diagnosis or treatment.

For AI agents

A delegation prompt that does not guess.

Give this to an assistant when a non-technical user wants help installing the bridge safely. Agents should read strava_agent_manifest once connected.

Install the unofficial Strava MCP server for me.
Repository: https://github.com/davidmosiah/strava-mcp

Help me create a Strava API app with:
- Redirect URI: http://127.0.0.1:3000/callback
- Read-only scopes: read activity:read_all profile:read_all

Run setup, auth and doctor with npx.
If this is Hermes, use setup --client hermes
and doctor --client hermes.
Reload MCP with /reload-mcp or hermes mcp test strava.
Do not restart the Hermes gateway for normal Strava data access.
Doctor must confirm oauth.scope_status is ok.
Add the MCP config to my client.
Keep tokens local and never print secrets.
Do not request raw GPS unless I explicitly ask.

Open source training agents

Make AI assistants better at respecting the route, the load and the body.

Star the repo, inspect the implementation, open issues or adapt the bridge for your own agent workflow.

Open GitHub npm package Quickstart