FAQ

Which platforms are currently available?

The current documentation includes iOS, Android, and shared API/authentication sections. React Native already works today through native iOS and Android bridges used by some clients in production, while the ready-to-use packaged React Native integration is still being prepared. Web documentation remains planned.

Who owns user identity data?

Your product owns user identity. WorkoutKit relies on JWT validation and does not require a separate WorkoutKit user account for end users. For user-specific features (e.g., progress tracking), the WorkoutKit API only stores the sub claim from your JWT token. We recommend using a UUID as the identifier for maximum privacy. exp is recommended when issuing tokens, and nbf is also supported.

Does the SDK send requests to third-party services for tracking or telemetry?

The SDK only downloads workout assets from a CDN dedicated to your environment. It does not send any other requests to third-party services for tracking, telemetry, or analytics. For GraphQL server requests, you can choose whether they are sent directly from the app or from your own backend.

Can I customize texts and behavior?

Yes. Both iOS and Android SDKs expose launch-time configuration options for key texts and behavior flags.

Can I fully reskin the mobile SDK UI?

Not through source-level modification in the standard SDK package. WorkoutKit mobile is delivered as a compiled SDK and remains FizzUp intellectual property. Full custom UI versions can still be delivered as part of a dedicated customization engagement.

Do you provide a dedicated test environment?

Yes. Each FizzUp B2B client receives a sandbox environment and a production environment hosted on the same technical infrastructure as FizzUp.

How are quotas and SLA defined?

Quotas, rate limits, and SLA commitments depend on your contractual offer. Unauthenticated protected API requests are rejected and are not counted against quota.

How long is the WorkoutKit launch signature valid?

The device-bound WorkoutKitToken returned with session-detail responses is valid for 1 day. The recommended integration pattern is to fetch the final workout session payload when the user is ready to launch the workout, then use the returned signature immediately.