Solved: Re: Invalid Grant Type "null" w/ Authorization Cod...

krajiyah · ‎01-02-2021

On the server side, using a fresh code and state from the authorization endpoint, and am providing the following request to the fitbit api:

URL: https://api.fitbit.com/oauth2/token
METHOD: POST

BODY: client_id=22BZGP&code=eee45fb8d6e63478f9884f649485f4ea084250be&grant_type=authorization_code&redirect_uri=https%3A%2F%2Fauth.expo.io%2F%40krajiyah%2FRPG-IRL

HEADERS:

- Authorization: Basic base64(client_id:client_secret)
- Content-Type: application/x-www-form-urlencoded

The response I get back from you guys is this (the status code is 400):

{\"errors\":[{\"errorType\":\"invalid_grant\",\"message\":\"Authorization code verifier invalid: null Visit https://dev.fitbit.com/docs/oauth2 for more information on the Fitbit Web API authorization process.\"}],\"success\":false}

I have double checked my client_Id:client_secret base64 header and it looks right to me (got through this error already, so think this part is working fine)

My server is a golang server hosted on Heroku (but this should not matter in an ideal world)

krajiyah · ‎01-03-2021

Actually realized the expo auth client, uses PKCE by default. So by adding `code_verifier` to request I got things working....

View best answer in original post

krajiyah · ‎01-02-2021

Also tried it in Postman and got same result: https://drive.google.com/file/d/1URBhE84UUSOMVJxBcJAHiAi15gc4qg3E/view?usp=sharing

krajiyah · ‎01-03-2021

Actually realized the expo auth client, uses PKCE by default. So by adding `code_verifier` to request I got things working....

Join us on the Community Forums!

Community Guidelines

Learn the Basics

Join the Community!

Not finding your answer on the Community Forums?

Go to the Help Site

Contact Support

Invalid Grant Type "null" w/ Authorization Code Flow (without PKCE)

krajiyah

krajiyah

krajiyah

krajiyah