Buzz
This week, Strava revealed plans to limit API access for certain third-party applications. While the company claims that the majority of developers won’t be affected, many athletes and cyclists are finding that this adjustment could eliminate key features or even entire apps they rely on.
Here’s a detailed look at what’s coming.
What is Strava again?
Strava is a popular app among runners and cyclists for tracking training progress, competing on leaderboards, and creating maps based on popular routes. I’ve hailed it as the top running app available, while also highlighting privacy issues related to its mapping features.
Beyond its core features, Strava is widely used to integrate with other apps. Most fitness trackers and their companion apps can sync with Strava, and numerous coaching and analysis tools can pull data from it as well.
What updates is Strava making to its data policy?
As outlined in the announcement on Strava’s website, third-party apps using Strava data will now only be permitted to display a user’s personal data, not data from others. This means apps like Oura can still access your run details from your Oura Ring, but tools that aggregate data from multiple users (such as those creating heatmaps or enabling coaches to monitor athletes) will no longer be supported.
Strava explains, “We aim to address situations where users connect to third-party apps without realizing their data is being shared beyond their personal use, such as in public feeds or heatmaps.”
The updated API terms also restrict third-party developers from using Strava data to train AI models and aim to “safeguard Strava’s distinctive design and functionality.” This implies that certain features are being removed from the API to prevent third-party apps from replicating Strava’s full feature set.
Which apps will face disruptions?
Numerous apps rely on Strava data, and developers have only recently been informed about the API updates, so a comprehensive list of impacted apps isn’t available yet. Strava estimates that “fewer than 0.1% of applications” will be affected, but if these include widely-used fitness tracking tools, a significant number of users will feel the impact.
Here’s what we know so far: Coaching apps will be hit hard, as they typically pull data from one user (the athlete) to share with another (the coach). The creator of intervals.icu, a popular analysis and coaching app, is advising athletes and coaches to adjust their settings to send data directly to intervals.icu, bypassing Strava.
However, this workaround isn’t feasible for everyone. Strava’s appeal for coaching and analysis apps stems from its compatibility with a wide range of devices, from smartwatches to bike power meters. Small app developers find it challenging to support every device, making Strava a convenient intermediary for data aggregation.
If you use Garmin devices and your preferred app can sync with Garmin, you’re in luck. Otherwise, you might lose access to those apps. (For instance, the developer of intervals.icu is currently working on integrating Zwift functionality.)
The updates could also prevent third-party apps from performing any form of analysis. As DC Rainmaker interprets the new API terms, even basic queries like “how many miles did I run this week?” might violate the revised API agreement.
What steps can you take?
If you rely on apps that pull data from Strava, visit their websites or check your emails to see if developers have addressed how they’ll adapt to Strava’s changes. You might be able to connect your data directly, as with Garmin and Zwift, but this depends on your devices, apps, and the data you need. This complexity is precisely what Strava was meant to simplify! Unfortunately, that era seems to have ended.
It’s ironic that Strava frames this change as a privacy enhancement for users. While Strava’s privacy settings are convoluted, leading to unintentional oversharing, this issue persists within Strava itself, and the company has done little to address it.
As I’ve noted before, Strava’s so-called “de-identified” data can still reveal individuals’ identities based on their running patterns. When I inquired about this, the company responded, “Public heatmaps, such as Weekly or Night, rely solely on aggregated, de-identified data—no personal details are included. Strava offers various privacy settings, allowing users to customize their experience, including opting out of the Global Heatmap. We are dedicated to enhancing these features with privacy as a top priority.”
However, when your running route itself serves as an identifier, removing personal details from running or cycling data doesn’t always ensure anonymity. Since only Premium users can access Strava’s most detailed mapping tools, free users often lack visibility into how their data is utilized. It appears Strava only addresses privacy concerns when they arise on third-party platforms, neglecting similar issues within its own system. (If this worries you, consider reviewing your privacy settings.)
