Invalid signature or token

sreerammc · ‎06-18-2014

Hi,

I am trying to call oauth/access_token. I always get error saying Invalid signature or token.

Following is the raw request:

HEADERS

Accept: */*

Accept-Encoding: gzip, deflate, compress

Authorization: OAuth oauth_consumer_key="bc2ca1c6198046a68622c86d0e3169c8", oauth_token="6c62857172d44ce1d25f89eca52e5db3", oauth_nonce="sreeram12345", oauth_signature="umXDgWqMBby3iVxhU%2FwGxSzSak4%3D", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1403100732", oauth_verifier="3kjn3s14pfkd8dtueds8cfvnun", oauth_version="1.0"

Content-Length: 0

User-Agent: runscope/0.1

My Base String that I used was:

POST&http://api.fitbit.com/oauth/access_token&oauth_consumer_key=bc2ca1c6198046a68622c86d0e3169c8&oauth_n...

I am constructing secret string to sign by:

Client (Consumer) Secret&oauth_token_secret

Can you please let me know why am I getting this error.

Regards,

Sreeram MC

sreerammc · ‎06-18-2014

Hi,

Please note: I am using a standalone program to do access resource. I am using "https://www.fitbit.com/oauth?oauth_token=" to access PIN and I use PIN in "oauth_verifier".

Regards,

Sreeram MC

ibahdanau · ‎06-18-2014

Did you try making the same request with just Authorization header and do not send other additional extra headers?

Check out this spec for more information:

http://tools.ietf.org/html/rfc5849#section-3.4

Ivan Bahdanau
Senior Software Developer at Fitbit

Join us on the Community Forums!

Community Guidelines

Learn the Basics

Join the Community!

Not finding your answer on the Community Forums?

Go to the Help Site

Contact Support

Invalid signature or token

sreerammc

sreerammc

ibahdanau