Finding source of oauth API Error

brettr · ‎07-14-2014

I'm getting the error below for some of our users. One user started failing in April and the other the end of June. I'm not sure what the source of these failures are. If the user has deauthorized our app, how can I find that out?

<result><errors><apiError><errorType>oauth</errorType><fieldName>oauth_access_token</fieldName><message>Invalid signature or token 'abc=' or token 'xyz'</message></apiError></errors><success>false</success></result>

Thanks.

SunsetRunner · ‎07-14-2014

If you receive an HTTP 401 Unauthorized error accessing a resource owned by the person whose access credentials you are using, you can assume that the user revoked access to your application.

Call a user-owned resource using the '-' user ID convenience, such as https://api.fitbit.com/1/user/-/profile.json . If you get a 401 status code, it means that the user's access credentials are not valid.

ibahdanau · ‎07-14-2014

If at some point your access token stopped working that can only mean two things:

1) User had requested new access token through functionality that you ap may provided and you have not updated your database with new token

2) User had revoked access to your ap to use his data.

So if you 100% positive this is not case #1 then it means user revoked access for your ap to use his fitbit data. Unfortunately we don't provide more details then you are getting now with the response that you've pasted in your post.

Ivan Bahdanau
Senior Software Developer at Fitbit

Join us on the Community Forums!

Community Guidelines

Learn the Basics

Join the Community!

Not finding your answer on the Community Forums?

Go to the Help Site

Contact Support

Finding source of oauth API Error

brettr

SunsetRunner

ibahdanau