07-06-2016 12:57 - edited 07-06-2016 12:58
- Mark as New
- Bookmark
- Subscribe
- Permalink
- Report this post

07-06-2016 12:57 - edited 07-06-2016 12:58
- Mark as New
- Bookmark
- Subscribe
- Permalink
- Report this post
Hi,
I try to use OAuth2, and looks like FitBit falls back to OAuth1 for some reason.
What I am doing:
1. I send authorize URL in the from of:
2. I land on Fitbit OAuth2 authorization page
3. I click "Allow" button
4. After that I redirected to Fitfit OAuth 1 page: https://www.fitbit.com/oauth/authorize?oauth_token=<my token>#_=_ that also have "Deny" and "Allow" buttons.
5. After I click "Allow" button again I got redirected to the page I specified originally in redirect_uri parameter with addition of "?oauth_verifier=<token>&oauth_token=<token>", which is OAuth 1 parameters (while omiting "state" as well)
If click on "Deny" button on the 1st OAuth2 page, I got redirected to my redirect_uri with correct query parameters.
What I am doing wrong?
P.S. In Fitbit settings I choose "Server" as application type and I want to use Authorization Code Grant Flow mode.
Thank you,
Dmitry

- Labels:
-
OAuth 1.0a
-
OAuth 2.0
07-08-2016 07:30
- Mark as New
- Bookmark
- Subscribe
- Permalink
- Report this post

07-08-2016 07:30
- Mark as New
- Bookmark
- Subscribe
- Permalink
- Report this post
[bump]

