Hi Strava team,
we run Joinride (https://joinride.cc), a free platform for organizing group rides, runs and cycling events. Strava login is our most popular sign-in option.
Our API usage is intentionally minimal:
- OAuth login via Strava, requesting only the read and profile:read_all scopes
- Basic profile info (name, avatar) to create the user's account
- Official Strava embed widgets for routes, with "Powered by Strava" attribution
- We handle deauthorization webhooks, revoke tokens when users delete their account, and we do not store, sync or display any activity data
We have reached the athlete connection limit and now have to block new users from signing up with Strava. That is a bad experience for Strava athletes who simply want to use their existing account with us.
We applied to the Developer Program to get the limit raised. The application was rejected multiple times with a templated response that did not say what was insufficient. We then did a full compliance review (scope reduction, attribution everywhere Strava data appears, updated privacy policy, verified deauthorization flow) based on the public API Agreement and Brand Guidelines. But every request since has received the same generic answer with no actionable feedback, so we are stuck in a loop: we cannot fix what nobody names.
Our question: is there a way to get in contact with someone from the API or partnerships team to discuss our case directly? We are happy to provide screenshots, our privacy policy, data flow documentation, anything that helps. We just need to understand what specifically we need to change.
Thanks a lot!
Oliver (Founder of Joinride.cc)
