I'm trying to register weight and body fat percentage information via the API.
I can view the information, but when registering it I get a 403 error.
However, introspect shows that I have write permission.
Do you know what the problem is?
I generated the token using Fitbit OAuth 2.0 Tutorial.
I tried both Server and Personal OAuth 2.0 Application Type, but it didn't work.
The problem is written in Python, but I will provide the minimum code to reproduce it in curl.
Below is an example tried using curl.
Note that the weight and BMI are not actual values.
```bash
export FB_CLIENT_ID=XXXXX
export FB_CLIENT_SECRET=XXXXX
export access_token="XXXXXXXXXXXXXXX"
export weight="70.0"
export date="yyyy-mm-dd"
export previous_date="yyyy-mm-dd"
# Authorization ヘッダー用の Base64 エンコード
auth_header=$(echo -n "${FB_CLIENT_ID}:${FB_CLIENT_SECRET}" | base64)
# introspect 呼び出し
-H "Authorization: Basic ${auth_header}" \
-d "token=${access_token}"
# Fitbit API から体重情報を取得する
-H "Authorization: Bearer ${access_token}" \
-H "Accept: application/json"
# Fitbit API に体重ログを POST する
-H "Authorization: Bearer ${access_token}" \
-H "Content-Type: application/x-www-form-urlencoded" \
-d "weight=${weight}&date=${date}"
```
introspect result
```
{"active":true,"scope":"{RESPIRATORY_RATE=READ_WRITE, OXYGEN_SATURATION=READ_WRITE, TEMPERATURE=READ_WRITE, NUTRITION=READ_WRITE, PROFILE=READ_WRITE, HEARTRATE=READ_WRITE, ELECTROCARDIOGRAM=READ_WRITE, CARDIO_FITNESS=READ_WRITE, ACTIVITY=READ_WRITE, SLEEP=READ_WRITE, SOCIAL=READ_WRITE, IRREGULAR_RHYTHM_NOTIFICATIONS=READ_WRITE, WEIGHT=READ_WRITE, LOCATION=READ_WRITE, SETTINGS=READ_WRITE}","client_id":"XXXXX","user_id":"XXXXX","token_type":"access_token","exp":1747899035000,"iat":1747870235000}
```
weight get result
```
{"weight":[{"bmi":20.00,"date":"yyyy-mm-dd","fat":20.0,"logId":1747812600000,"source":"API","time":"07:30:00","weight":75.5}]}
```
weight post result
```
{
"error": {
"code": 403,
"message": "The caller does not have permission",
"status": "PERMISSION_DENIED"
}
}
```
