help menu

Join us on the Community Forums!

  • Community Guidelines

    The Fitbit Community is a gathering place for real people who wish to exchange ideas, solutions, tips, techniques, and insight about the Fitbit products and services they love. By joining our Community, you agree to uphold these guidelines, so please take a moment to look them over.

  • Learn the Basics

    Check out our Frequently Asked Questions page for information on Community features, and tips to make the most of your time here.

  • Join the Community!

    Join an existing conversation, or start a new thread to ask your question. Creating your account is completely free, and takes about a minute.

Not finding your answer on the Community Forums?

Cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 

HTML 401 Response

‎07-02-2020 10:11

‎07-02-2020 10:11

When my program tries to get new tokens, I am getting a 401 response with the error message: Invalid authorization header. Client id invalid.

 

I have been using this program for a while and have not made any changes to it.  I was not getting this error a few days ago.

Best Answer
Labels:
0 Votes
9 REPLIES 9

‎07-02-2020 14:23

‎07-02-2020 14:23

Hi @quantu 

 

Would you please send me the API endpoint that you're executing and the access token?

 

Thanks!

Gordon

Gordon Crenshaw
Senior Technical Solutions Consultant
Fitbit Partner Engineering & Web API Support | Google
Best Answer
0 Votes

‎07-02-2020 15:27

In response to Gordon-C

‎07-02-2020 15:27

Forgive my ignorance, but do you mean post it here? I don't see how to send it to you directly.

Best Answer
0 Votes

‎07-02-2020 16:56

In response to quantu

‎07-02-2020 16:56

Never mind. I now see your email message.

Best Answer
0 Votes

‎07-02-2020 18:35 - edited ‎07-07-2020 12:10

In response to Gordon-C

‎07-02-2020 18:35 - edited ‎07-07-2020 12:10

https://api.fitbit.com/oauth2/token

 

 

Best Answer
0 Votes

‎07-06-2020 14:29

‎07-06-2020 14:29

Hi @quantu,

 

Apologies for any confusion, can you please provide me with your full HTTP request that you're sending when you receive this error? I need to see the endpoint you're calling, header, and body (if applicable)

Best Answer
0 Votes

‎07-06-2020 16:39 - edited ‎07-06-2020 16:40

In response to JohnFitbit

‎07-06-2020 16:39 - edited ‎07-06-2020 16:40

Is there any way that I can do this securely? I do not want to expose my client id and secret.

Best Answer
0 Votes

‎07-06-2020 16:53

In response to quantu

‎07-06-2020 16:53

@quantu Click on my name and you should be taken to my profile page. You should see an option to send me a message beside my profile information.

Best Answer
0 Votes

‎07-07-2020 16:35

In response to JohnFitbit

‎07-07-2020 16:35

@quantu Thanks for sending me your HTTP request. 

 

The Client Id I pulled from your base 64 token is showing up as invalid. When I checked our database, your client Id didn't show up. This means that it was either deleted, or it doesn't exist.

 

Can you confirm that you're using the correct Client Id? You can do so by logging into dev.fitbit.com and checking your app gallery at https://dev.fitbit.com/apps. Click on your application and you should see your Client Id and Client secret.

 

Another thing I noticed in your POST request was that you were missing the Content-Length header. This became required a few months ago, please see https://community.fitbit.com/t5/Web-API-Development/UPDATED-May-4-2020-New-header-requirements-for-P....

 

Let me know if this helps.

Best Answer
0 Votes

‎07-07-2020 18:53

In response to JohnFitbit

‎07-07-2020 18:53

Thanks for pointing out the missing Content-Length header.

 

I will send you a message concerning the Client Id.

Best Answer
0 Votes