Hi there,

I've been repeatedly reading over the Web API docs, looking for examples, and so on..  I think I must be missing something crucial here..

It seems that to get consent, and consequently an access token to use against the Fitbit Web API's, the application must redirect the user to the OAuth consent page that allows the user to explicitly sign off on the app's intent to make requests on their behalf. 

I am failing to understand how this is possible for Fitbit OS clock faces (and for that matter, Fitbit OS  applications as well). 

For example, I'd like to have a clock face fetch some data from the Food Logging API (https://dev.fitbit.com/build/reference/web-api/food-logging/), and display the total amount of calories the user has logged so far in their food entries. Since there is no Web Browser on the Fitbit device, I am not seeing any other way than to embed a never-expire access token within the code that I need to manually generate myself, and even then this seems like it would only work for personal applications.

Forgive me if I am missing something obvious here. 

Thanks