
403 Forbidden Error on Authorization Request (Client ID: 23QMBB)

Hello,

I am consistently receiving a 403 Forbidden error when trying to access the authorization URL for my application.

My Client ID is: 23QMBB

The URL that is failing is:
https://www.fitbit.com/oauth2/authorize?response_type=code&client_id=23QMBB&redirect_uri=http://127....

I have already done extensive troubleshooting and confirmed the following:
- My Application Type is correctly set to "Server".
- My Redirect URI is exactly "http://127.0.0.1:8080/".
- My Client ID and Secret in my script perfectly match the developer portal.
- I have tried regenerating the Client Secret, but the error persists.
- There are no duplicate scopes in the URL.

Could you please investigate if my application (Client ID: 23QMBB) has been suspended, flagged, or blocked for any reason? I believe all of my settings are now correct.

Thank you.


Hi @rng-wf11 

I tested your authorization URL and figured out the problem. You have the redirect URL as http://127.0.0.1:8080/ and this is not supported by Fitbit. Instead, do the following:

  1. change http to https
  2. change the IP address from 127.0.0.1 to localhost

Therefore, your redirect URL should look like https://localhost:8080/.

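A preflight check for the authorization URL discussed in this thread, as an added example that is not part of the original posts or Fitbit's own code. It encodes only the two redirect URI rules given in the reply (https scheme, `localhost` instead of an IP address) plus the duplicate-scope check the question mentions; the function names, the `EXAMPLE` client ID and the sample scopes are constructed for illustration.

```python
import ipaddress
from urllib.parse import urlsplit, parse_qs, urlencode

AUTHORIZE_ENDPOINT = "https://www.fitbit.com/oauth2/authorize"  # from the post


def check_redirect_uri(redirect_uri):
    """Return a list of problems, using only the two rules given in the reply."""
    problems = []
    parts = urlsplit(redirect_uri)
    if parts.scheme != "https":
        problems.append("scheme is %r, expected https" % parts.scheme)
    host = parts.hostname or ""
    try:
        ipaddress.ip_address(host)
        problems.append("host %r is an IP literal, use localhost" % host)
    except ValueError:
        pass  # not an IP address, so it is a hostname
    return problems


def check_authorize_url(url):
    """Preflight an authorization URL before opening it in a browser."""
    query = parse_qs(urlsplit(url).query)
    problems = []
    for name in ("response_type", "client_id", "redirect_uri"):
        if len(query.get(name, [])) != 1:
            problems.append("parameter %s must appear exactly once" % name)
    for uri in query.get("redirect_uri", [])[:1]:
        problems.extend(check_redirect_uri(uri))
    scopes = " ".join(query.get("scope", [])).split()
    dupes = sorted({s for s in scopes if scopes.count(s) > 1})
    if dupes:
        problems.append("duplicate scopes: " + ", ".join(dupes))
    return problems


def build_authorize_url(client_id, redirect_uri, scopes):
    """Build the URL; urlencode percent-encodes the redirect URI."""
    params = {"response_type": "code", "client_id": client_id,
              "redirect_uri": redirect_uri, "scope": " ".join(scopes)}
    return AUTHORIZE_ENDPOINT + "?" + urlencode(params)


if __name__ == "__main__":
    # Constructed sample values: placeholder client ID and sample scopes.
    for uri in ("http://127.0.0.1:8080/", "https://localhost:8080/"):
        url = build_authorize_url("EXAMPLE", uri, ["activity", "heartrate"])
        print(uri, "->", check_authorize_url(url) or "ok")
```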