help menu

Join us on the Community Forums!

  • Community Guidelines

    The Fitbit Community is a gathering place for real people who wish to exchange ideas, solutions, tips, techniques, and insight about the Fitbit products and services they love. By joining our Community, you agree to uphold these guidelines, so please take a moment to look them over.

  • Learn the Basics

    Check out our Frequently Asked Questions page for information on Community features, and tips to make the most of your time here.

  • Join the Community!

    Join an existing conversation, or start a new thread to ask your question. Creating your account is completely free, and takes about a minute.

Not finding your answer on the Community Forums?

Cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Fitbit Oauth URLs Broken Overnight

‎08-15-2024 02:41

‎08-15-2024 02:41

I have a GitHub Actions workflow which runs every 4 hours.

There's an issue with the refresh/access token. When I tried to manually update, I used this URL:

https://www.fitbit.com/oauth2/authorize?response_type=code&client_id=""&redirect_uri="https://localh...

(I've removed the client ID etc).

Now I see this error:

The app you're trying to connect did not provide valid information to Fitbit. Please report this issue to them.

Developer information: unauthorized_client - Invalid client_id

The Client ID is correct. status.fitbit.com now says "UPDATE2: We are expanding the maintenance window to end on August 14th."

Could this be related? I have no idea what's wrong. It's worked fine for years!

 

Best Answer
Labels:
0 Votes
4 REPLIES 4

‎08-15-2024 02:45

‎08-15-2024 02:45

I stripped the "'s from the URL, now I get this:

Failed to authenticate. Response from Fitbit API:

{'errors': [{'errorType': 'invalid_client', 'message': 'Invalid authorization header. Client id invalid. Visit https://dev.fitbit.com/docs/oauth2 for more information on the Fitbit Web API authorization process.'}], 'success': False}

The client ID is is correct. That's one of the most static things of Oauth!

Best Answer
0 Votes

‎08-21-2024 10:52 - edited ‎08-21-2024 10:53

In response to o6uoq

‎08-21-2024 10:52 - edited ‎08-21-2024 10:53

Hi @o6uoq 

Thank you for your patience.   I'm not sure the maintenance being performed would cause this problem.   You said when you try to manually update the access and refresh tokens you are getting the error.   The endpoint you said you called to update the tokens is the authorization URL.  While you can use the authorization endpoint to obtain updated access and refresh tokens, it is not the best approach.   

Instead, try using the refresh token endpoint.  It will perform fewer verification checks than the authorization URL in order to refresh tokens.   

Let me know how this works for you.

Gordon Crenshaw
Senior Technical Solutions Consultant
Fitbit Partner Engineering & Web API Support | Google
Best Answer
0 Votes

‎08-21-2024 13:33

In response to Gordon-C

‎08-21-2024 13:33

I had to manually go through the Oauth flow and I was able to recreate tokens and now it's working. How do I close this post?

Best Answer
0 Votes

‎08-28-2024 17:35

In response to o6uoq

‎08-28-2024 17:35

I'll take care of closing the post.   Thanks for the update.

Gordon Crenshaw
Senior Technical Solutions Consultant
Fitbit Partner Engineering & Web API Support | Google
Best Answer
0 Votes