GOFA API & Integration Overview
Welcome to the GOFA App API documentation hub. This section contains detailed API references and integration guides for the core features of the GOFA platform, including lesson plans, challenges, pose detection, body alignment, and more.
API Authentication Overview
GOFA App APIs require different types of authentication depending on the endpoint:
- Client Token (Backend/Admin JWT): Used for privileged operations such as managing client users and other admin tasks. Obtained via the Client Token API using your
clientIdandclientSecret. - Firebase JWT (User Token): Used for authenticating end users in the frontend or mobile app. Obtained via the User Auth API after signing in with email and password.
- AdminToken (Super Admin Only): Used exclusively by GOFA super admins for platform-level operations. This token is not issued to third-party integrators.
APIs Requiring Client Token (Backend/Admin JWT)
These endpoints require the JWT obtained from the Client Token API in the Authorization header:
| API / Guide | Description |
|---|---|
| Client Token API | Endpoints for retrieving client tokens for Client Admin API access |
| Client API Keys API | Create, promote, list, and revoke API keys for staged integrations |
| Client User API | Endpoints for client user management (list, create, update, delete) |
| Client Settings API | Manage client-specific settings and configurations |
APIs Requiring Firebase JWT (User Token)
These endpoints require the Firebase JWT (custom token) obtained from the User Auth API, typically used by frontend/mobile apps:
- User Auth API: Endpoints for front-end Firebase authentication and custom claims management
- Lesson Plans API: List and retrieve lesson plans, including metadata and tags
- Lessons API: List and retrieve individual lessons, including session structure
- Lesson Plays API: Start and retrieve lesson play sessions and results
- Challenge Plays API: Start and retrieve challenge play sessions and results
- Challenges API: List available challenges and their metadata
- AI Move API: Retrieve visible AI Move exercises and exercise details for authenticated client users
- Body Alignment API: Endpoints for body alignment assessment results
- Fall Risk API: Endpoints for fall risk assessments and results
- MSK Assessment API: Endpoints for MSK (shoulder, low-back, knee) assessments
- Cognitive Assessment API: Endpoints for cognitive assessment (HK-MoCA) results
APIs Requiring AdminToken (GOFA Super Admin Only)
These endpoints are reserved for GOFA platform super admins and require a special AdminToken. They are not accessible to third-party integrators.
| API / Guide | Description |
|---|---|
| Email API | Send onboarding and notification emails via the GOFA platform |
For questions or support, please contact the GOFA development team.