For the Access Token Request, the docs say: The Authorization header should be set to Basic followed by a space and a Base64 encoded string of your application's client id and secret concatenated with a colon.

If you Base64 decode 'Y2xpZW50X2lkOmNsaWVudCBzZWNyZXQ=', it will show you 'client_id:client secret'. You can also try this at https://www.base64decode.org/ . This is just an example. You should use your actual client id and secret concatenated with a colon.

The equals sign at the end of the Authorization is not an assignment. It's part of the Base64 encoding.

Can you please help me figure out why I would be getting a 401 error from this:

string code = Request.QueryString["code"];
              WebRequest req = WebRequest.Create(@"https://api.fitbit.com/oauth2/token?client_id=229NH5&grant_type=authorization_code&code=" + code);
              req.Method = "POST";
              req.Headers["Authorization"] = "Basic " + Convert.ToBase64String(Encoding.Default.GetBytes("229NH5:e28e292314689d6bff7f0acb3ffce4ca"));
              HttpWebResponse resp = req.GetResponse() as HttpWebResponse;

My frustration level is off the charts. It should not be this difficult. We have 3 programmers that are now trying to figure this out with no luck so far.

We can't debug your code, but if you capture the HTTP request, we can help debug that.

If you don't have an existing tool to do this, you can get the basic version of Runscope free with this special link: http://runscope.com/fitbit

The most useful to you will be:

Runscope Traffic Inspector: https://www.runscope.com/docs/inspector

Runscope Request Capture: https://www.runscope.com/docs/request-capture

Are you trying to do this in a MVC application?
In that way, i can help you.

No I am not using an MVC application. I am trying to set up an authorization header in order to get the access token. We can successfully do this in the Postman chrome plugin but cannot figure out how to do this within our code. We have pulled in two other programmers to help with this and so far every google suggestion we have tried has failed. This is incredible that this should be this hard and that there is no more documentation available. Anything you can do to help would be much appreciated.

The code is c#, right?

I had problems with a normal .net project (and with the windows phone also), now i'm using a webapi and OAuth 2.0 successfully.

You need to do your own code, i cant give you a copy-paste working sollution, but this will help:
[or you can use this repo, but your own code is better https://github.com/aarondcoleman/Fitbit.NET]

1.) First,you need to authorize the user.
  a.) For this, you need to redirect the user to the fitbit website, [the user log in] then catch the callback.
  XXXXX is your cliend id, and the WEBSITE is where the fitbit navigate back
(in my project: http://tepapi.azurewebsites.net/fitbit/callbackv2 , it can be localhost for developing)

  return Redirect("https://www.fitbit.com/oauth2/authorize?response_type=code&client_id=XXXXX&display=touch&redirect_uri=WEBSITE&scope=activity%20location%20profile%20settings%20social%20weight");

 b.) After the user logs in, the fitbit will call the WEBSITE, with a code uri parameter.
To get the url, use this:

  var url = Request.Url;

Then you need to exchange the tokens.

  var token = Base64Encode("CLIENT_ID:CLIENT_SECRET");

 using (var wb = new WebClient())
            {
                var data = new NameValueCollection();
                data["grant_type"] = "authorization_code";
                data["client_id"] = "CLIENT_ID";
                data["redirect_uri"] = "http://tepapi.azurewebsites.net/fitbit/callbackv2";              
                data["code"] = code;

                wb.Headers["Authorization"] = "Basic " + token;

                var response = wb.UploadValues("https://api.fitbit.com/oauth2/token", "POST", data);
                var responseString = Encoding.ASCII.GetString(response);

            });

The responseString will contains the response from fitbit -> the user tokens and data.
If something wrong, then you will get an exception on the wb.UploadValues.
Dont forget to change the redirect_uri to yours 😉

2.)In the last step you gained the user tokens, so you can make a call (for example to download the user exercises for today).

   string urlworkout = "https://api.fitbit.com/1/user/" + user.encoded_userid + "/activities/date/2015-08-14.json";

                            HttpWebRequest request = (HttpWebRequest)WebRequest.Create(urlworkout);
                            request.Method = "GET";
                            request.Headers["Authorization"] = "Bearer " + user.access_token;
                            request.Accept = "application/json";

                            WebResponse myResponse;
                            string results = "";

                                myResponse = request.GetResponse();

                                StreamReader httpwebStreamReader = new StreamReader(myResponse.GetResponseStream());
                                results = httpwebStreamReader.ReadToEnd();

                                myResponse.Close();
                                httpwebStreamReader.Close();

                            
                          

Note:
I'm working with fitbit since january. I lost my mind a hundred of times, but our users need this.
Now i'm working on the subscription modell, thats harder than this 😕

Thank you so much. Your code worked with just a few modifications. We tried every variation on this syntax that google provided and nothing worked. You should post this as part of the documentation as to how to do this using c#. Perhaps it could save someone a weeks worth of work. Thanks again.

No problem.

In the FitbitClient.cs file, the following method exists:

       public Weight GetWeight(DateTime startDate, DateRangePeriod period)
        {......}

The parameter "period" has the data type of DateRangePeriod. Within this method, "period.GetStringValue()" is called. The GetStringValue() method is not associated with the enum DateRangePeriod and therefore gives an error. Can you tell me how to associate the GetStringValue() method to this enum data type?

Thanks

James
          

You helped me so much by showing me how to pull in user data.

Now we have been working on trying to post data for about two weeks with no luck so far.

Can you please take a look at this code snippet and tell me what I am doing wrong? Thanks in advance.

 urlworkout = "https://api.fitbit.com/1/user/" + "3MQRBF" +"/body/log/weight.json";
 string postData = String.Format("weight={0}&date={1}", "69.99", "2015-08-13");
 byte[] bytedata = Encoding.UTF8.GetBytes(postData);
 HttpWebRequest request2 = (HttpWebRequest)WebRequest.Create(urlworkout);
 request2.Method = "POST";
 request2.ContentLength = bytedata.Length;
 request2.ContentType = "application/x-www-form-urlencoded";
 Stream requestStream = request2.GetRequestStream();
 requestStream.Write(bytedata, 0, bytedata.Length);
 requestStream.Close();

Its almost midnight here and i not tried (yet) to post data to fitbit, but i see a few problems:

- you are trying to post to the "3MQRBF" user, thats ok for developing, not for publish
- you are missing the authorization header (the thing with the Bearer + token) from the request2

- the content type that you are setting is x-www-form-urlencoded, but you are sending json, i dont know that this is right or not

---

@freeubi wrote:

- the content type that you are setting is x-www-form-urlencoded, but you are sending json, i dont know that this is right or not

---

Good feedback. Just want to correct one thing: it looks like they're sending form data, not JSON, which is correct. The curly braces are just for string replacement.

---

@jschrimshire wrote:
3MQRBF is the current logged in user. What should I use here?

---

You can use a hypen, e.g. "https://api.fitbit.com/1/user/-/body/log/weight.json". This will tell the API that you're making a request on behalf of the user whose API access token you're using.

---

@jschrimshire wrote:
I have tried several times to get help in the forum on how to post data, but so far no one has helped. About the only thing I get told is refer to the documentation which is no help at all.

---

POSTing data isn't a concern of the Fitbit API—this is a standard function of HTTP. You should consult your HTTP library's documentation on how to do this.

You are still missing the authorization header. Its not gonna work for without that.

Thank you. I have now included the authorization header as you can see below but it still does not work. Do you have another suggestion?

urlworkout = "https://api.fitbit.com/1/user/-/body/log/weight.json";
 string postData = String.Format("weight={0}&date={1}", "69.99", "2015-08-13");
 byte[] bytedata = Encoding.UTF8.GetBytes(postData);
 HttpWebRequest request2 = (HttpWebRequest)WebRequest.Create(urlworkout);
 request2.Method = "POST";

request2.Headers["Authorization"] = "Bearer " + responseString; //This is the access token
 request2.ContentLength = bytedata.Length;
 request2.ContentType = "application/x-www-form-urlencoded";
 Stream requestStream = request2.GetRequestStream();
 requestStream.Write(bytedata, 0, bytedata.Length);
 requestStream.Close();