07-02-2018 10:10
07-02-2018 10:10
The OAuth2 Introspect endpoint is used to retrieve the state of your tokens. A new version of this endpoint, version 1.1, has been released to better comply with Section 2.2 of RFC 7662. The changes you will see are:
For example, the response when a valid token is passed in parameter will change
from
{
"active":1,
"scope":"{ACTIVITY=READ_WRITE}",
"clientId":{“id”:“<Client Id>”},
"userId":{“id”:”<User Id>”},
"tokenType":"access_token",
"exp":<expires at>,
"iat":<issued at>
}
to
{
"active":true,
"scope":"{ACTIVITY=READ_WRITE}",
"client_id":"<Client Id>",
"user_id":"<User Id>",
"token_type":"access_token",
"exp":<expires at>,
"iat":<issued at>
}
An example response when an invalid token is passed in parameter will look like
from
{
“active”:0
}
to
{
"active”:false
}
The OAuth2 Introspect endpoint ver. 1.1 will be supported going forward. Please review the Introspect 1.1 documentation for details. We will deprecate Introspect endpoint ver. 1.0 within 60 days.
08-28-2018 00:52 - edited 08-28-2018 00:53
08-28-2018 00:52 - edited 08-28-2018 00:53
At the beginning of July 2018, the Fitbit Web API team announced the release of Introspect ver. 1.1. In the announcement, we stated Introspect ver 1.0 would be deprecated within 60 days. This is a reminder that the 60 days period is almost over. The previous version of the endpoint, Introspect ver. 1.0, will be removed on Monday, September 10, 2018.
Please contact the Fitbit Web API team if you have any questions.