Environments & credentials
Base URL
The production API lives at:
https://api.trainingym.com
Credentials are per center
Each set of integration credentials is bound to one or more centers. When you generate an API key, the token carries the scope of those credentials, so every call automatically operates on the correct center — you never pass a center id in the route or body.
If your integration serves several centers, you will typically hold one set of credentials per center.
Roles
Credentials are granted specific roles depending on what your integration needs:
| Role | Grants access to |
|---|---|
Members | Member data and access endpoints |
Activities | Activity calendars and schedules |
Notifications | Push notifications |
Ask the integrations team for exactly the roles your use case requires — credentials are issued with least privilege by default.
Keeping credentials safe
- Store credentials in a secret manager, never in source control.
- Rotate credentials immediately if they may have leaked; contact integraciones@trainingym.com to reissue.
- Prefer server-to-server calls; do not embed credentials in mobile or browser clients.