@J_Snooze thanks. At least now I know it not just me 😉

@J_Snooze @AppDev Do you have the prompt uri set to login? If you do, try without it and see if it works.

I do, but our company wants it that way because spouses are using the same tablets/phones/pc's etc... to download and log their steps for our corporate wellness program. They are forgetting that their spouse is logged in and grabbing the wrong persons steps. That option is said to force login everytime which they wanted. Is there another option I can send?

@AndrewFitbit Yes it is set to login. Why am I in an endless loop of login-prompt-login never moving beyond auth to the post auth page? Did something change recently because my setup was working 2 weeks ago?

I concur. Mine was working as of yesterday. This morning. Not so much.

I can confirm that removing the login prompt option did work. Is there a chance of changing this back or a different option? Just so I can let our HR dept know either way. Thanks!

Same here. Removing the prompt=login from the URL segment gets me beyond the login-auth-login loop. However now I am taken straight to my post-auth page and not prompted to consent. 

changed prompt=login to prompt=consent

This got me back to where I was earlier.

I wonder then what's the goal of the prompt=login option if it prompts endlessly? 

@AndrewFitbitany clarification?

@AppDev @J_Snooze I don't have an answer yet, but there seems to be an issue with 'login'. I'll update this thread when I have more information. Removing it is the only workaround I can provide at the moment. 

@AndrewFitbit thanks for the confimation.

We're tracking this issue at https://community.fitbit.com/t5/Web-API/Bug-prompt-login-OAuth-2-not-allowing-login/m-p/1271635#U127... .

Workaround posted to https://community.fitbit.com/t5/Web-API/Bug-prompt-login-OAuth-2-not-allowing-login/m-p/1271846#M505...

@J_Snooze did you test your app again after the bug fix? Today it appears the process it further broken. Instead of an endless login screen, I get an error that states the redirect_url is not set. It appears that auth process is unable to retrieve the redirect URL from the app settings (on the portal).

Is this working for you?

Mine is working again, I did the work around they posted of keeping the "login" option, but moving it so its not the last option I send in the uri. This is the c# I have (don't know what your app is built using, but maybe it helps)..

Here is the before and after. pretty simple, just moved the login parameter on the uri from last to second to last. Seems to be working for me. 

url += "/authorize?";
            url += "response_type=code";
            url += string.Format("&client_id={0}", this.ClientId);
            url += string.Format("&redirect_uri={0}", Uri.EscapeDataString(this.RedirectUri));
            url += string.Format("&scope={0}", String.Join(" ", scopeTypes));
            url += string.Format("&prompt={0}", "login");

Changed it to:****
url += "/authorize?";
 url += "response_type=code";
 url += string.Format("&client_id={0}", this.ClientId);
 url += string.Format("&redirect_uri={0}", Uri.EscapeDataString(this.RedirectUri));
 url += string.Format("&prompt={0}", "login");
 url += string.Format("&scope={0}", String.Join(" ", scopeTypes));

@J_Snooze Thanks for the code. Very similar to what I had

var url = string.Format("{0}?response_type=code&client_id={1}&redirect_url={2}&scope={3}&prompt=login", 
                WebConfigurationManager.AppSettings.Get(AppKeys.FitbitAuthorizationUrl2),
                WebConfigurationManager.AppSettings.Get(AppKeys.FitbitClientId),
                WebConfigurationManager.AppSettings.Get(AppKeys.FitbitAuthRedirectURL), 
                WebConfigurationManager.AppSettings.Get(AppKeys.FitbitScopes));

changed to 

var url = string.Format("{0}?response_type=code&client_id={1}&redirect_url={2}&prompt=login&scope={3}", 
                WebConfigurationManager.AppSettings.Get(AppKeys.FitbitAuthorizationUrl2),
                WebConfigurationManager.AppSettings.Get(AppKeys.FitbitClientId),
                WebConfigurationManager.AppSettings.Get(AppKeys.FitbitAuthRedirectURL), 
                WebConfigurationManager.AppSettings.Get(AppKeys.FitbitScopes));

the authorize URL is

"https://www.fitbit.com/oauth2/authorize"

Here are the steps

1. User click on a "Register" button in my web app

2. My web app redirects to teh fitbit authorize URL.

this is what I see in my browser URL bar

https://www.fitbit.com/login?redirect=%2Foauth2%2Fauthorize%3Fclient_id%3MY_CLIENT_ID%26redirect_uri...

3. See the Standard Fitbit login screen

4. After I enter the credentials, I get this error

The app you're trying to connect did not provide valid information to Fitbit. Please report this issue to them.

Developer information: invalid_request - Invalid redirect_uri parameter value

If you notice, the URL is missing the redirect_uri value (the one you add to your app in the portal and the one you used to build the redirect URL.

@J_Snooze Thanks to your code I was able to figure out what the issue was. The query parameter redirect_url is not longer being accepted. I noticed that your code has request_uri and mine had request_url. I swear, this worked. I believe Fitbit fixed the issue and after I changed request_url to request_uri, I have my app back up and running

Thanks for your help.

---

@AppDev wrote:

The query parameter redirect_url is not longer being accepted. I noticed that your code has request_uri and mine had request_url. I swear, this worked. I believe Fitbit fixed the issue and after I changed request_url to request_uri, I have my app back up and running

---

`redirect_uri` is the name of the parameter as defined by RFC 6749. We just checked our commit history. Fitbit has never supported `redirect_url`.

Glad that you figured it out and that your app is back up!