Authorization Code for the Access and Refresh Toke...

Raju-SOA · ‎07-04-2024

we are using Fitbit Developer App for our user’s integration with Fitbit. We could see there are few failures happening on a daily basis for few sets of UserIDs when we are trying to invoke Fitbit OAuth calls

Retrieve access token from fitbit api call is failed for member: ***** , fitbit response: {"errors":[{"errorType":"invalid_grant","message":"Refresh token invalid: XXXXXXXXXXXXXXXXXX. Visit https://dev.fitbit.com/docs/oauth2 for more information on the Fitbit Web API authorization process."}],"success":false}

In Order to overcome these failures, we might need to update the refresh token with the new value for those UserIDs. Can you please help us on understanding the process to generate the Refresh_Token for the set of UserIDs?

Gordon-C · ‎07-08-2024

Hi @Raju-SOA

There could be a few reasons why you are getting an error when refreshing the user's tokens.

The user could have revoked consent to your application. If this is the case, you'll want to delete the user's data based on the information in your terms of service and privacy policy. We support a subscription webhook notification letting you know when a user has done this.
The user could have deleted their account. If this is the case, you'll want to delete the user's data based on the information in your terms of service and privacy policy. We support a subscription webhook notification letting you know when a user has done this.
The refresh token got out of sync with what you have stored. The best option is to request the user to reconsent to share their data with your application. You can share your authorization URL with the user to have them go through the flow again. If the user has already enabled all scopes for your application, they will not be presented with the scope page to reconsent, and your application will receive a new access token and refresh token for the user.

If you're able to contact the user, you should be able to verify this information and/or provide additional instructions.

Gordon Crenshaw
Senior Technical Solutions Consultant
Fitbit Partner Engineering & Web API Support | Google

Raju-SOA · ‎07-10-2024

Thanks for your suggestions @Gordon-C But unfortunately we wont be able to back trace the users and have them to go through the flow again. Is there any option that we can manually updated the valid refresh token in the database which we are maintaining for all the Fitbit users from our Organization?

Gordon-C · ‎07-10-2024

Hi @Raju-SOA

I sent you an email to see if I can determine the cause of the refresh token failures. If you don't see the email in your inbox, please check your spam folder.

Gordon Crenshaw
Senior Technical Solutions Consultant
Fitbit Partner Engineering & Web API Support | Google

Raju-SOA · ‎07-15-2024

Hi @Gordon-C We have shared the details you requested for in an email couple of days back. Please review and let us know the next steps on this

Join us on the Community Forums!

Community Guidelines

Learn the Basics

Join the Community!

Not finding your answer on the Community Forums?

Go to the Help Site

Contact Support

Authorization Code for the Access and Refresh Tokens Needed for few members

Raju-SOA

Gordon-C

Raju-SOA

Gordon-C

Raju-SOA