Getting Started

Granting User Access

Implement one of the initial integration options in order to grant premium access to Gympass users.

Requirements

  • Uniquely track Gympass users for commercial reporting purposes and payment
  • Receive and store the following parameters:
    • Email registered with Gympass
    • First name (as registered with Gympass)
    • Last name (as registered with Gympass)
    • Gympass User ID (ex: gpw-29caecdf-2d5e-40b8-82b4-d0a044fa)
    • [optional] Country Code of User (ex: br)

Integration via API

Do you already have a registration API? This is the preferred method for Gympass to integrate with you. Please share the documentation with us to evaluate.

Integration via Encrypted URL

Benefits and Requirements of this registration method:

  • Allow Gympass users to register through your regular sign-up flow
  • Able to prefill and "lock" the email and name form fields in the registration flow for added security

The user will be redirected to the URL that you provide us, with their data embedded in the Query Parameters, as shown in the example below.

The parameters will be individually encrypted and then encoded in Base64. The encryption will be made using AES256 CBC with PKCS7 padding and random generated salt.

(The data is encoded after encrypted due to the fact that the AES256 encryption can generate characters incompatible with the URL format)

We strongly suggest our partners make use of the github package https://github.com/mervick/aes-everywhere which contains the algorithm mentioned above (AES256 CBC with PKCS7 padding) implemented across multiple programming languages. You can use it with your language of choice and trust that it will be compatible with what we are using. You do not need to pay attention to the random IV or salt used since this package takes care of it for you.

The parameters should be first decoded and then decrypted, using the previously exchanged encryption key. These parameters should then used to sign up the user, this way the strong key data (such as e-mail) can be locked to that specific user.

Example:

www.yourwebsite.com/signup?email={encrypted_email}&firstname={encrypted_firstname}&lastname={encrypted_lastname}&gpw_id={encrypted_gympass_w_id}&country={encrypted_countrycode}

Other Required Information

In order to be able to do the full integration process we need to receive some complementary marketing information from you related to app description, language and market availability, and activities offered in the app. Please fill in this this survey.

Facilitating Payments

Reporting Usage Data

Events API data should be received as frequently as possible (preferably real time or daily). At the end of each month Gympass will calculate the amount due based on the contractual terms and will request an invoice from you to process the payment.

Payments Process

Timeline & Policies

  • An invoice will be requested from you by the Gympass team and should be received by the 10th of the month.
  • Payment will be made on the 25th of the month. If the invoice is not received on time for any reason, the payment will be pushed back to the 10th of the following month.
  • Payments below a threshold of $100 value will be aggregated to future payments until the $100 value threshold is met.

Invoices should be made using the following fiscal details:

All partners except those from Brazil: Gympass U.S., LLC 160 Varick St, New York, NY 10013 , United States VAT/ TAX ID: EIN 82-2685557

Brazilian partners: GPBR Participações Ltda. CNPJ 15.664.649/0001-84 Rua Casa do Ator, 919 - Vila Olimpia São Paulo SP 04546-003 Brazil

Managing User Access

What is a "Leaver"?

A "Leaver" is anyone who has either cancelled, paused, or downgraded their Gympass plan (to a tier that does not include your app) and therefore is no longer eligible to use your services.

How will you receive this information?

Gympass has developed an automated webhook solution to send user cancellation and status change events in real-time. Please find all the details of our webhooks here. It must be noted that partners offering 1:1 sessions and partners who have a multi-offer in place are required to integrate with webhooks to receive the user status updates in real-time. Optionally, but not recommended, Gympass will share a leavers file on a monthly basis via the Partner Portal. This option will be phased out by July 2021 at which point all partners must be integrated via webhook. This will be a .csv with the email and/or gpw_id of the users who need to have their access removed from your services. You have 3-5 business days to process this request on your side. Gympass will not pay for any visits related to users that have been shared in the "leavers" file until the user has repurchased a Gympass plan and is therefore eligible to your services again. If the user returns to use your services, it will be through the same initial Activate link click and flow.

Can I receive this information automatically?

We are currently working on an automated process to update the user status in real-time via an integration with your webhook(s).

Retrieving the leavers file from the partner portal

Step 1 - Receive Welcome Email You will receive a Welcome Email containing your login credentials

Step 2 - Log in Log in at Partners Portal with your email, click Continue and enter your password.

Step 3 - Retrieve the file Once inside the partner portal you will see the section Leavers file download. Simply choose which month you require and click on Download file. The corresponding csv file containing the gpw_ids and/or emails of the users who should be removed from the premium experience on your end will be downloaded and ready to process.

UX for Leavers

What is the UX for a "leaver"?

Due to the flexibility of a Gympass plan our users are able to pause, cancel, or downgrade their plan and return to purchase a Gympass plan whenever they want. That being said, it is important that you are able to disable access for these users shared in the leavers file and ensure a smooth UX.

Questions to consider:

  • What experience will a disabled user (leaver) have?

    • Will they be able to access a "free version" of your content?
    • Will they simply not be recognised by the system if they try to log in?
    • Any other possible UX that could take place?
  • If a user returns to purchase a Gympass plan and goes through the initial Activation process for your services:

    • Will the user automatically be re-granted access to the premium content?
    • Could there be any error due to an existing account?
    • Any other possible UX we should consider?

Ideal User Experience

The ideal UX is for a user who has cancelled, paused or downgraded their plan to not be granted access to the premium paid content. Nevertheless, users can continue to have access to the free/non-premium version of your app.

If a user repurchases their plan and follows the Activation process to regain access to their account, this should be a smooth process similar to the initial sign-up and should immediately grant the user access to the premium content again.

If the UX will be different from the above, please reach out to us at wellnesspartners@gympass.com to discuss the options.