Solved: Re: Error 403 on pulling VO2 Max (cardio fitness)

leerogers · ‎11-19-2025

Hi there.

I am trying to pull data at https://api.fitbit.com/1/user/-/cardioscore/date/YYY-MM-DD.json and getting a 403 (PERMISSION_DENIED) error. I have scopes "activity profile sleep heartrate weight" granted in the authentication of the app and have authorized it.

SUCCESSFUL:

https://api.fitbit.com/1/user/-/activities/date/YYY-MM-DD.json
https://api.fitbit.com/1/user/-/body/log/weight/date/YYY-MM-DD.json
https://api.fitbit.com/1/user/-/activities/active-zone-minutes/date/YYY-MM-DD/1d.json

UNSUCCESSFUL:

https://api.fitbit.com/1/user/-/cardioscore/date/YYY-MM-DD.json
https://api.fitbit.com/1/user/-/spo2/date/YYY-MM-DD.json

The cardio fitness score is available in the app.

Am I missing a scope or something?

Thanks for any help.

leerogers · ‎11-20-2025

Sorry, I found the problem in case anyone else sees these kinds of problems. Right on the reference page, I found "Scope: cardio_fitness". Added the scope to the oauth flow and it works. SMH

View best answer in original post

leerogers · ‎11-20-2025

Sorry, I found the problem in case anyone else sees these kinds of problems. Right on the reference page, I found "Scope: cardio_fitness". Added the scope to the oauth flow and it works. SMH

Join us on the Community Forums!

Community Guidelines

Learn the Basics

Join the Community!

Not finding your answer on the Community Forums?

Go to the Help Site

Contact Support

Error 403 on pulling VO2 Max (cardio fitness)

leerogers

leerogers

leerogers