help menu

Join us on the Community Forums!

  • Community Guidelines

    The Fitbit Community is a gathering place for real people who wish to exchange ideas, solutions, tips, techniques, and insight about the Fitbit products and services they love. By joining our Community, you agree to uphold these guidelines, so please take a moment to look them over.

  • Learn the Basics

    Check out our Frequently Asked Questions page for information on Community features, and tips to make the most of your time here.

  • Join the Community!

    Join an existing conversation, or start a new thread to ask your question. Creating your account is completely free, and takes about a minute.

Not finding your answer on the Community Forums?

Cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Invalid token error

‎10-31-2021 03:43

‎10-31-2021 03:43

Hi all. In my application I have authorised a user, and added them to a subscription. However whenever I add any activities for that user via the app, nothing is sent back to my subscription endpoint.

 

The subscriber is verified, and when I add the subscription for the user it returns a subscription code and id as expected.

 

I then tried to do the following to check that the user's subscription had been added correctly:

 

 

 

    $subscriptionUrl = "https://api.fitbit.com/1/user/".$fitbit_user_id."/activities/apiSubscriptions/1.json";
   
    $ch = curl_init();
    
    $options = array(
            CURLOPT_URL => $subscriptionUrl,
            CURLOPT_RETURNTRANSFER => true,
            CURLOPT_HTTPHEADER => array(
                'Authorization: Bearer ' . $fitbit_user_token
    ));
    curl_setopt_array($ch, $options);
    $result = curl_exec($ch);


    $json = json_decode($result, true);

    error_log(print_r($json, true));

 

 

However the response is always:

 

Array\n(\n [success] => \n [errors] => Array\n (\n [0] => Array\n (\n [errorType] => invalid_token\n [message] => Access token invalid: eyJhbGciOiJIUz[...]Jpc3MiOiJGaXRiaXQiLCJ0eXAiOiJhY2Nlc3N]

 

I'm banging my head against a wall now because my auth process all appears to be working, it's returning the token and refresh code for the user, and when I open the fitbit app on my phone I can see that my app has been authorised. Also the token expiry is 8 hours, so I don't believe it is an issue with expiry.

 

Any help would be gratefully received!

 

Thanks, Matt

 

Best Answer
Labels:
0 Votes
6 REPLIES 6

‎10-31-2021 13:24

‎10-31-2021 13:24

As an update to this post, I have now managed to fix the authentication issue, however I am still having a problem with the subscription.

 

Making this call to create the subscription:

$subscriptionUrl = "https://api.fitbit.com/1/user/-/activities/apiSubscriptions/1.json";
       
        $ch = curl_init();
        
        $options = array(
                CURLOPT_URL => $subscriptionUrl,
                CURLOPT_RETURNTRANSFER => true,
                CURLOPT_POST => true,
                CURLOPT_HTTPHEADER => array('Authorization: Bearer '.$user_token,
                        'Content-type: application/x-www-form-urlencoded')
        );
        curl_setopt_array($ch, $options);
        $result = curl_exec($ch);

 

Returns the following:

{"collectionType":"activities","ownerId":"9N3Q9N","ownerType":"user","subscriberId":"1","subscriptionId":"1"}

 

which suggests to me that the subscription has been created successfully. However I'm not receiving any data to my subscription endpoint. Also if i poll the subscription endoint to check subscriptions for the user, nothing is returned:

 

$subscriptionUrl = "https://api.fitbit.com/1/user/".$fitbit_user_id."/activities/apiSubscriptions.json";
    $ch = curl_init();
    
    $options = array(
            CURLOPT_URL => $subscriptionUrl,
            CURLOPT_RETURNTRANSFER => true,
            CURLOPT_HTTPHEADER => array(
                'Authorization: Bearer ' . $user_key,
                'Content-type: application/x-www-form-urlencoded'
    ));
    curl_setopt_array($ch, $options);
    $result = curl_exec($ch);

 

returns: {"apiSubscriptions":[]}

 

Any thoughts?

 

 

Best Answer
0 Votes

‎11-01-2021 10:56

In response to hikingchallenge

‎11-01-2021 10:56

Hi @hikingchallenge 

 

Each user is going to have a unique subscription id.  If you don't provide the subscription id when creating the subscription, we will add the id for you.   Try querying the subscription for the user by providing the subscription id.   Also, if you have multiple subscribers defined, we recommend adding the header X-Fitbit-Subscriber-Id with the subscription endpoints.  For example

 

GET https://api.fitbit.com/1/user/9N3Q9N/activities/apiSubscriptions/1.json

X-fitbit-Subscriber-Id: 1

Gordon Crenshaw
Senior Technical Solutions Consultant
Fitbit Partner Engineering & Web API Support | Google
Best Answer

‎11-01-2021 11:19

In response to GordonFitbit

‎11-01-2021 11:19

Hi @GordonFitbit - thanks for the reply but no luck I am afraid. The following still returns an empty result:

 

$subscriptionUrl = "https://api.fitbit.com/1/user/".$fitbit_user_id."/activities/apiSubscriptions/1.json";
    
    $ch = curl_init();
    
    $options = array(
            CURLOPT_URL => $subscriptionUrl,
            CURLOPT_RETURNTRANSFER => true,
            CURLOPT_HTTPHEADER => array(
                'Authorization: Bearer ' . $fitbit_token,
                'Content-type: application/x-www-form-urlencoded',
                'X-fitbit-Subscriber-Id: 1'
    ));
    curl_setopt_array($ch, $options);
    $result = curl_exec($ch);
    error_log("Current Subscriptions" . $result);

 

This returns:

[Mon Nov 01 18:19:12.356310 2021] [php:notice] [pid 334459] [client 80.229.4.226:52002] Current Subscriptions{}, referer: https://www.fitbit.com/

 

 

 

Best Answer
0 Votes

‎11-02-2021 09:53

In response to hikingchallenge

‎11-02-2021 09:53

Hi @hikingchallenge 

 

I made a mistake.   Please remove the subscription id from the Get Subscription endpoint.  I see the status code 405 in our logs.   The syntax for the examples are incorrect.   I have verified that the correct Get Subscription List syntax is

 

GET https://api.fitbit.com/1/user/[user-id]/[collection-path]/apiSubscriptions.json

 

I'd like you to try the following steps.

 

  1. Revoke the user's consent to your application - this can be done either 1 of 2 ways
    1. have the user log into fitbit.com, select the wheel icon, select settings.  On the left, choose "Applications".  Find your application and revoke consent
    2. your application call the revoke endpoint against the user's access token.
  2. Delete the subscriber in your registered application settings at https://dev.fitbit.com/apps
  3. Re-add the subscriber to your registered application settings and make certain to enable the default radio button.
  4. Have the user re-authorize consent and add the subscription.   Make certain to specify the subscriber id through the X-Fitbit-Subscriber-Id header.
  5. Call "Get Subscription List".  If you specify the collection when adding the subscription, make certain to do the same for Get Subscription List.

 

Let me know how this goes

 

Gordon

 

Gordon Crenshaw
Senior Technical Solutions Consultant
Fitbit Partner Engineering & Web API Support | Google
Best Answer
0 Votes

‎11-04-2021 03:09

In response to GordonFitbit

‎11-04-2021 03:09

Hi @GordonFitbit , thanks for the response.

 

Embarrassingly, the issues I had were down to how I was handling api responses elsewhere. I have now got things working for the most part, and I can confirm that following your instructions in the previous answer helped tremendously.

Best Answer
0 Votes

‎11-04-2021 09:18

In response to hikingchallenge

‎11-04-2021 09:18

That's great news!

Gordon Crenshaw
Senior Technical Solutions Consultant
Fitbit Partner Engineering & Web API Support | Google
Best Answer
0 Votes