05-14-2018 08:10
05-14-2018 08:10
Suppose a user from application database with user id 100 starts authorisation to Fitbit using endpoint http://localhost/api/100/fitbit/authorize and get authorised by callback http://localhost/api/fitbit/callback how can we identify which user got authorised so that we can store the access token and refresh token. callback url can not have user id 100 since Fitbit config does not allow to parameterise the url. Or is there any other way to identify the authorised user?
05-30-2018 15:33
05-30-2018 15:33
When you call https://api.fitbit.com/oauth2/token to get your access token, the User ID should be returned as part of the response. Trying playing with the OAuth 2.0 Tutorial Page (https://dev.fitbit.com/apps/oauthinteractivetutorial) to learn how the OAuth flow works.