Authorization code verifier invalid error

Hello,

We are trying to generate the token but ended up with an error "Authorization code verifier invalid". After retrieving the authorization code, I am calling the /oauth2/token endpoint to access the token with the parameters client_id, code, code_verifier, and grant_type. I am also specifying the Authorization header on the request, and including the "Basic" token. Can anyone please help with the error "errorType":"invalid_grant","message":"Authorization code verifier invalid:"?

 

Thank you


Hi @Gregor321

Would you please private message me your authorization string and the /oauth2/token endpoint which is returning the error?

Thanks!

Gordon

Gordon Crenshaw
Senior Technical Solutions Consultant
Fitbit Partner Engineering & Web API Support | Google

Hi @Gregor321

There was an error in our documentation and example for implementing PKCE. We just fixed the documentation. Would you please review https://dev.fitbit.com/build/reference/web-api/developer-guide/authorization/#Authorization-Code-Gra... to see if it helps. If you still receive the error, please let me know.

Gordon

Gordon Crenshaw
Senior Technical Solutions Consultant
Fitbit Partner Engineering & Web API Support | Google

I'm having the exact same issue where I keep receiving the "Authorization code verifier invalid:" error. I'm absolutely sure the code verifiers match up and that I hashed and encoded the code challenge correctly. I even tested using the example code verifier and code challenge provided. I've read through the documentation, and I'm pretty sure I've followed those steps. GordonFitbit, could you please specify what was changed about the documentation and what the exact issue was? Thank you so much!


Hi @ssshar

In Step 1 of https://dev.fitbit.com/build/reference/web-api/developer-guide/authorization/#Authorization-Code-Gra... the section on transforming the code verifier into the code challenge had the incorrect formula and examples. Are you following the same steps as documented?

Gordon Crenshaw
Senior Technical Solutions Consultant
Fitbit Partner Engineering & Web API Support | Google

From what I'm seeing, I definitely am! I've checked over it for several hours. I also hash/encode correctly because when I tried hardcoding the code_verifier as the example '01234567890123456789012345678901234567890123456789' I get the correct code challenge as shown in the example. And I also receive the following error from Fitbit: 'Authorization code verifier invalid: 01234567890123456789012345678901234567890123456789'. And, I'm sure I'm sending the correct parameters as well to the token endpoint. Thank you so much for your help. Please let me know if you have any advice :).
