Solved: Checking scopes by default on the authorization co...

SunsetRunner · ‎09-29-2019

My problem is that even though I explicitly require some default scopes by setting them in the Oauth2 client I use, no scopes are checked by default on the consent page. The URL I navigate from my app is a similar one to the following: https://www.fitbit.com/oauth2/authorize?scope=activity%20heartrate%20location%20profile%20sleep%20we... and I would expect that the "activity", "heartrate", "location" etc. scopes are checked by default.

Could you provide me some hints why I face this issue? Or is this behaviour intended?

JohnFitbit · ‎10-02-2019

Hi @SunsetRunner,

Welcome to the forums!

Due to data privacy laws, the default behavior of the scopes page needs the checkboxes to be disabled.

In your onboarding process, you can state that “For the best user experience, we recommend you enable all scopes”.

I hope this clarifies things. Please let me know if you have any additional questions.

View best answer in original post

JohnFitbit · ‎10-02-2019

Hi @SunsetRunner,

Welcome to the forums!

Due to data privacy laws, the default behavior of the scopes page needs the checkboxes to be disabled.

In your onboarding process, you can state that “For the best user experience, we recommend you enable all scopes”.

I hope this clarifies things. Please let me know if you have any additional questions.

Join us on the Community Forums!

Community Guidelines

Learn the Basics

Join the Community!

Not finding your answer on the Community Forums?

Go to the Help Site

Contact Support

Checking scopes by default on the authorization consent page

SunsetRunner

JohnFitbit

JohnFitbit