help menu

Join us on the Community Forums!

  • Community Guidelines

    The Fitbit Community is a gathering place for real people who wish to exchange ideas, solutions, tips, techniques, and insight about the Fitbit products and services they love. By joining our Community, you agree to uphold these guidelines, so please take a moment to look them over.

  • Learn the Basics

    Check out our Frequently Asked Questions page for information on Community features, and tips to make the most of your time here.

  • Join the Community!

    Join an existing conversation, or start a new thread to ask your question. Creating your account is completely free, and takes about a minute.

Not finding your answer on the Community Forums?

Cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Getting 204 on subscription DELETE but subscription is still listed in user profile's Applications

ANSWERED

‎12-08-2021 12:47

‎12-08-2021 12:47

We're experiencing an issue where we get a 204 when trying to delete a user subscription, but the user subscription does not get deleted. Here's a sample cURL call:

curl https://api.fitbit.com/1/user/{user-id}/apiSubscriptions/{subscription-id}.json -H "authorization: Bearer {token}" -H "accept-language: en_US" -H "X-Fitbit-Subscriber-Id: {fitbit-subscriber-id}" -X DELETE -v
 
Here's the response we get back:
* Trying 104.16.65.50:443...
* Connected to api.fitbit.com (104.16.65.50) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/cert.pem
* CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-CHACHA20-POLY1305
* ALPN, server accepted to use h2
* Server certificate:
* subject: CN=*.fitbit.com
* start date: Oct 28 10:52:09 2021 GMT
* expire date: Jan 26 10:52:08 2022 GMT
* subjectAltName: host "api.fitbit.com" matched cert's "*.fitbit.com"
* issuer: C=US; O=Google Trust Services LLC; CN=GTS CA 1D4
* SSL certificate verify ok.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x7fcb0980b600)
> DELETE /1/user/{user-id}/apiSubscriptions/{subscription-id}.json HTTP/2
> Host: api.fitbit.com
> user-agent: curl/7.77.0
> accept: */*
> authorization: Bearer {token}
> accept-language: en_US
> x-fitbit-subscriber-id: {fitbit-subscriber-id}
>
* Connection state changed (MAX_CONCURRENT_STREAMS == 256)!
< HTTP/2 204
< date: Wed, 08 Dec 2021 20:32:12 GMT
< content-type: application/json;charset=UTF-8
< vary: Origin
< cache-control: no-cache, private
< content-language: en-US
< fitbit-rate-limit-limit: 1200
< fitbit-rate-limit-remaining: 1200
< fitbit-rate-limit-reset: 1668
< x-frame-options: SAMEORIGIN
< via: 1.1 google
< cf-cache-status: DYNAMIC
< expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
< server: cloudflare
< cf-ray: 6ba8c2fb7cf30e66-DFW
<
* Connection #0 to host api.fitbit.com left intact
Best Answer
Labels:
1 BEST ANSWER

Accepted Solutions

‎12-08-2021 17:31

‎12-08-2021 17:31

Hi @girias-mfp,

 

Welcome to the forums!

 

A 204 is correct in this instance as this indicate.s the subscription was successfully deleted. You can confirm this by executing the Get Subscriptions endpoint.

 

Additionally, please note that deleting a subscription will not revoke access to the Fitbit user's account. To revoke access to a user's account, you must use the Revoke Token endpoint. Revoking a user's access_token will invalidate all refresh_tokens and subscriptions associated to that user. As a result, your application will no longer appear in the Fitbit user's shared application settings.

 

I hope this helps clear up any confusion. Let me know if you have any additional questions.

View best answer in original post

Best Answer
2 REPLIES 2

‎12-08-2021 17:31

‎12-08-2021 17:31

Hi @girias-mfp,

 

Welcome to the forums!

 

A 204 is correct in this instance as this indicate.s the subscription was successfully deleted. You can confirm this by executing the Get Subscriptions endpoint.

 

Additionally, please note that deleting a subscription will not revoke access to the Fitbit user's account. To revoke access to a user's account, you must use the Revoke Token endpoint. Revoking a user's access_token will invalidate all refresh_tokens and subscriptions associated to that user. As a result, your application will no longer appear in the Fitbit user's shared application settings.

 

I hope this helps clear up any confusion. Let me know if you have any additional questions.

Best Answer

‎12-10-2021 07:53

In response to JohnFitbit

‎12-10-2021 07:53

Hi @JohnFitbit

 

I really appreciate the response. I will test and let you know if we need further help, but I think this is what we need. Thanks!

Best Answer
0 Votes