help menu

Join us on the Community Forums!

  • Community Guidelines

    The Fitbit Community is a gathering place for real people who wish to exchange ideas, solutions, tips, techniques, and insight about the Fitbit products and services they love. By joining our Community, you agree to uphold these guidelines, so please take a moment to look them over.

  • Learn the Basics

    Check out our Frequently Asked Questions page for information on Community features, and tips to make the most of your time here.

  • Join the Community!

    Join an existing conversation, or start a new thread to ask your question. Creating your account is completely free, and takes about a minute.

Not finding your answer on the Community Forums?

Cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Does Revoking a User Token Also Remove Any Subscriptions for the User?

ANSWERED

‎07-23-2021 07:43

‎07-23-2021 07:43

Does revoking a user token (using https://dev.fitbit.com/build/reference/web-api/oauth2/#revoking-tokens) also remove any subscriptions for the user?

 

I want to provide an option in my app for the user to "Disconnect" data feed from Fitbit. I'm assuming I need to

  1. Remove any Subscriptions for the user
  2. Revoke the user's token

Thanks!

Best Answer
Labels:
0 Votes
1 BEST ANSWER

Accepted Solutions

‎08-03-2021 07:55

In response to Jeff_New_Ocean

‎08-03-2021 07:55

hi @Jeff_New_Ocean 

 

When the user revokes consent, we can sent you a notification stating the revoked occurred, and we should be deleting the subscription.   If you want to execute the Delete Subscription endpoint to confirm the subscriptions are removed, you can.   However, it should not be neccessary.

 

Gordon

Gordon Crenshaw
Senior Technical Solutions Consultant
Fitbit Partner Engineering & Web API Support | Google

View best answer in original post

Best Answer
0 Votes
3 REPLIES 3

‎07-23-2021 10:56

‎07-23-2021 10:56

Hi @Jeff_New_Ocean.

 

When a user revokes consent to an application, Fitbit automatically deletes any subscriptions associated with that user and application. This prevents the application from receiving notifications for tokens that were invalidated.

 

Just so I understand, in addition to providing your Fitbit users an option to revoke consent to your application, you also want these users to have control of when your application is being alerted of new data available on their account? 

Best Answer
0 Votes

‎07-26-2021 08:34 - edited ‎07-26-2021 09:04

In response to JohnFitbit

‎07-26-2021 08:34 - edited ‎07-26-2021 09:04

Hi @JohnFitbit,

I was looking to give the users the ability to disconnect their Fitbit data consent from within our app (if they are connected), in the same location that they can decide to connect their Fitbit to our app (if they are not connected yet). I just assumed for completeness that if the user decided to revoke consent to our application (from within our app), we needed to also remove any subscriptions that were created for them.

Best Answer
0 Votes

‎08-03-2021 07:55

In response to Jeff_New_Ocean

‎08-03-2021 07:55

hi @Jeff_New_Ocean 

 

When the user revokes consent, we can sent you a notification stating the revoked occurred, and we should be deleting the subscription.   If you want to execute the Delete Subscription endpoint to confirm the subscriptions are removed, you can.   However, it should not be neccessary.

 

Gordon

Gordon Crenshaw
Senior Technical Solutions Consultant
Fitbit Partner Engineering & Web API Support | Google
Best Answer
0 Votes