On June 1, 2026, Strava announced a batch of changes to its developer program, landing the same day as its official MCP Connector. The timing isn't random. Strava confidentially filed for an IPO earlier in 2026, and it's clearly tightening its grip on how its data gets accessed and used.
If you build on the Strava API, or you're thinking about it, here are the changes that actually matter and what to do about them.
1. API access now requires a Strava subscription
The big one, and the part most coverage gets slightly wrong: to keep Standard-tier API access, developers now have to hold an active Strava subscription. The API used to be free through a tiered access program. Strava's own developer update doesn't name a price. That subscription is just the normal Strava membership, which is $11.99 per month in the US and varies by country. So it is not a separate developer surcharge stacked on top of a subscription. The subscription is the cost.
It took effect on June 30, 2026, and existing active developers got three months free first. It applies per developer, not per app. The Extended Access Tier for larger partner apps and official device integrations like Garmin and Apple are exempt.
A growing developer community
Strava's developer community has grown from roughly 185,000 members a year ago to about 241,000 in 2026. The company has said it plans to continue supporting that ecosystem alongside these changes.
2. Some API endpoints are being retired
Strava plans to retire certain API endpoints to better protect user data. Developers get a 90-day grace period before these changes take effect, so existing integrations have time to adapt.
It's not all subtractions. Strava is shipping new developer tooling too. The official API changelog for June 1, 2026 lists a new deauthorization endpoint, your application's access tier now shown in the API Settings Dashboard, and self-service expanded access so you can request additional permissions directly.
Action item
Audit which endpoints your app depends on and watch the official changelog closely during the 90-day window. Check your application's tier in the API Settings Dashboard and use the new self-service flow if you need expanded access.
3. Tighter anti-scraping measures
A big motivation behind all of this is curbing data scraping. Strava is adding security around its website and will now require authentication to view certain data that used to be public. CEO Michael Martin pointed to AI companies “ruthlessly scraping public websites, given their endless need for training data” as part of the reasoning, and the company has said it turned down data-licensing offers from major AI labs.
This builds on Strava's updated API agreement from November 2024, which already established two key rules that remain in force:
- Display data only to its owner. Third-party apps may only show a user's Strava activity data back to that same user, not to other users.
- No AI/ML training. Third parties may not use data obtained through the API to train artificial intelligence or machine-learning models.
At the time, Strava said those 2024 changes would affect fewer than 0.1% of applications. The large majority of use cases, including coaching and performance-analysis tools, stayed permitted.
4. Official MCP support for AI access
Instead of letting AI tools scrape or repurpose API data, Strava is routing AI access through the Model Context Protocol (MCP), an open standard that lets AI assistants reach external data in a structured, permission-scoped way. The first product of that strategy is the consumer-facing Strava MCP Connector, which lets subscribers query their own data through Claude. For Strava, MCP means tighter control over exactly what gets shared and how.
What this means for developers
For the vast majority of legitimate apps (training analytics, visualizations, automation, that sort of thing), building on Strava is still very much worth it. The practical takeaways:
- Keep an active Strava subscription if you maintain a Strava integration, since that is now what Standard-tier API access requires.
- Review your endpoint usage now and track the changelog through the 90-day grace period.
- Confirm your app only surfaces a user's data back to that same user, and that you aren't feeding API data into AI/ML training.
- If your use case involves AI analysis, design around official MCP access rather than scraping.
New to the platform or need a refresher on the fundamentals? Start with our Strava API getting-started guide and the full developer documentation, covering authentication, webhooks, and best practices.