Gympass system integration benefits

What are the benefits of integrating your access system with Gympass?

The access flow of Gympass users becomes easier and faster if your system is integrated with Gympass. The integration with Gympass automates the processes of users access validations and makes them independent of your front desk teams.

No, you don't. On a regular Gympass access integration flow, our user will activate your access system that is integrated with Gympass (card, turnstile, fingerprint, totem, etc) and your system will call our Access Control API, that will perform the entire user validation process.

What are the advantages of integrating with Access Control API instead of continuing integrated with Validation API?

The new Access Control API offers a faster response time than Validation API, offers more stability and availability and decreases the chance of failures when validating check-ins.

Implementing an access integration with Gympass

Which access management systems are already integrated with Gympass?

The following management systems already offer Gympass access integrations.

  • In US: ABC Financial and Jonas.
  • In LATAM: 4Tech, Cross X, EBrain, EVO System, Pacto, Polisystem, Socioplus and Tecnofit.
  • In EU: Brightlime, Control Plus, Exerp, Poliwin and Provis.

Regarding the integration process of each of these systems with Gympass, please, contact the service or consult the help content of these companies.
We are always integrating new systems with Gympass. Consult our list of integrated CMSs in this FAQ session.

Is it possible to integrate my proprietary system with Gympass?

Do I need any specific equipment? Will I spend on infrastructure? You can integrate your access management system (turnstiles, fingerprint, etc.) with Gympass if it allows customization for integration with REST APIs. No specific equipment is needed.

What professional profile I need to integrate a system with Gympass? What kind of knowledge is demanded for the job?

A company or technology professional trained in software development, capable of implementing a REST API with your system.

What information do I need to provide to a professional that will integrate a system with Gympass?

Along with the Developers Portal link (https://developers.gympass.com/), you need to share the following data, provided by Gympass Relationship or Techsales Team: The authentication token (It will allow access to our APIs) Your gym-id (It's your Gympass partner profile id)

How to revoke and create new API Keys?

Our partners should contact our Techsales team through the e-mail integrations@gympass.com to obtain their new API Keys.

Does Gympass offer support to professionals who are integrating a system with Gympass?

We have an integration support team, the Techsales team, which you can contact by email integrations@gympass.com if you have any questions during the process.

Is there any extra cost to integrate my system with Gympass?

There are no extra costs charged by Gympass for partners who want to integrate with our system. Costs of any nature that may be generated to partners during the integration process are not the responsibility of Gympass.

How can I test the integration with Access Control API before going live?

We offer a testing mechanism explained here that simulates each of the possibilities in requests and responses from Access Control API. The team assigned to implement the integration can use it for testing. We do not currently offer an environment that simulates 100% of our current integration flows, but we are preparing to offer this complete testing tool to our partners later this year.

Payment and Access flows for integrated partners

What is the mandatory access flow for Gympass users on integrated systems?

Before activating your access system (card, turnstile, fingerprint, totem, etc), the Gympass user must always check-in.

Why must users check-in before passing through your integrated access system?

Users check-ins are necessary to ensure that the conditions for accessing your services are being met safely, according to our partnership contract. When your system integrated with Gympass calls our API to validate an access, it queries the existence of a check-in by the user. If there is no check-in for the user, the validation request is denied.

Where can I track Gympass users accesses when my system is integrated?

The Check-in Validation Page is the tool used by non-integrated partners to validate the accesses of Gympass users.
This tool can also be useful for integrated partners in the following situations:

  • To follow the list of check-ins already validated by the integration, on the current day.
  • To manually validate check-ins during a temporary system failure.

I have more than one product, how do I know if the user has checked-in for the correct one?

Access Control API returns the product chosen by the user on its validation response.

The integration with Access Control API change the current payment process for Gympass users visits?

The accesses validated by the integration with Gympass do not alter the current payment flow for the visits you receive.

The nature and the flow of information used in the integration with Gympass are in compliance with GDPR? What kind of data is transferred through the integration with Gympass?

The integration process with Gympass does not traffic any sensitive user information and is in total compliance to GDPR, guaranteeing data privacy for our partners and users.

How long does it take for me to set up an integration with Access Control API? How soon will the integration be up and running?

The integration process with Gympass is conducted by the technology team designated by our partners and the timing of integration depends exclusively on what was agreed between the parties. Upon successful completion of the integration process, our relationship team authorizes the display of newly integrated units in our system.

How does integration work in the case of a network of gyms?

It is currently possible to create a single API Key for a network of gyms, however, each request made to the Access Control API includes a field that identifies each of its units, allowing the partner to have segmented control of Gympass user access.

If something goes wrong

What should I do if the user is unable to check in?

If the user is unable to check-in via Gympass app, please≤ advise them to contact our user support.

If an access/check-in is not validated by Access Control API, what partners should do?

If an user is able to check-in but our API does not authorize his access, it will return an error message that explains what happened:

  • Check-In not found in database Instruct the user to try check-in again. If it doesn't work and is happening to other users as well, please, contact our support in your region .
  • Check-In already validated You already validated a check-in for this user today. Only one daily check-in is allowed per user.
  • Check-In expired This check-in has expired. Ask the user to check in again.
  • Check-In canceled The user canceled this check-in. If the check-in was canceled by mistake, please, ask them to check in again.

Note: It is interesting that your system displays to your front desk team the error messages sent in response to non-validated accesses. It will help your team to correctly guide Gympass users.

How do I report a problem?

If there are any problems related to the integration with Gympass, you should contact our partners support in your region:


How does API authentication work? Where do I get the API access credentials?

You can find here details on how you can get the API Key for the Access Control API. API Keys are obtained by Gympass Partners through our Techsales team. If you need help you can talk to your Gympass Account Manager or our Techsales Team through the email address integrations@gympass.com.

What are the privileges that Gympass API Key offers to Access Control API?

The Gympass API Key for Access Control API allows partners to authorize and authenticate accesses at each one of its units.


How do I check the status of my API credentials?

If your credentials are not valid, the partner will receive a 401 code in response to an authentication attempt.

In case of Access Control API timeout, can I call the API again using the same payload, without the risk of registering duplicated validations?

Yes, in case of a timeout the partner can call the Access Control API again. No more than one validation will be recorded for the same access.

Technical implementation of Access Control API

Is there support for the Gympass integration process?

If you need help, you can talk to your Gympass Account Manager or our Techsales Team through the email address integrations@gympass.com.

How do I integrate a network?

When asking for your API Key to start the integration process with the Access Control API, it is important to mention that is a network integration and how branches you have. This way, a single authentication will be used for all branches on the network. The rest of the process remains the same.

What is the difference between unique_token and gympass_id?

None. These are two names to designate the same information, which identifies a Gympass user. "Unique Token" was the first term used by us, however, it was replaced by the term "Gympass ID", after evolutions in our platform.

Does Access Control API have an SDK?

The Access Control API doesn't offer an SDK yet.

What are the API response formats? JSON only?

Yes, JSON only.

Testing, Data and Reports

Can I consult the validations made through Access Control API?

The Partners Portal has an area called Check-in List, that offers the list of all validated check-ins, in real time. The list of validations performed on the current day can also be accessed through the Validation Page, also accessed through Gympass Portal. Both of these accesses are shared by our Relationship Team with Gympass points of contact among our partners staff.

How do I find out which version of the API I am using?

The API and its version are informed in its route (/access / v1 /validate), where the version (v1 in the example) always comes after the resource used.