08-04-2016 15:05
08-04-2016 15:05
I'm getting an invalid refresh token when I try to migrate a user.
{"errors":[{"errorType":"invalid_grant","message":"Refresh token invalid: 0ac571b96816d64b3d54c138936bcd9f:855fd0c5bcc48b596ba1625d712c0826. Visit https://dev.fitbit.com/docs/oauth2 for more information on the Fitbit Web API authorization process."}],"success":false}
anything obvious here?
08-04-2016 16:56
08-04-2016 16:56
Can you make a successful OAuth 1.0a request with that OAuth 1.0a access token and access token secret? I suspect the person might have revoked access to your application.
08-04-2016 19:51
08-04-2016 19:51
08-04-2016 20:19
08-04-2016 20:19
{"errors":[{"errorType":"invalid_grant","message":"Refresh token invalid: 762c68849ade1bef10c91005fc6752a1:ffb42561e91d48ccc88bc88f3639d5e4. Visit https://dev.fitbit.com/docs/oauth2 for more information on the Fitbit Web API authorization process."}],"success":false}
I tried a more current user. The previous one was from a while ago but this one is recent. Do I have to use the clientid from the application they are currently tied to?
08-04-2016 20:27
08-04-2016 20:27
I figured it out. I appears that you have to use the same application that the user was registered under. This is going to be challenging for use as all of our oAuth v1 participants use different URLs to log in and only one application in the fitbit.com admin. oAuth v2 requires that the redirect_uri match the passed in redirect_uri.. Any suggestions?
08-05-2016 14:14
08-05-2016 14:14
Correct—the upgrade flow is for the application the person authorized. If a person has authorized App A, App B can't use access tokens belonging to App A.
You can specify multiple redirect URIs in the https://dev.fitbit.com/apps settings. Put one redirect URI per line.