09-11-2022 03:31
09-11-2022 03:31
Hey guys!
I'm using Laravel for authenticate with Fitbit
I tried to make a request for auth but when i want to Exchange the Authorization Code for the Access and Refresh Tokens, returns this error:
{
"errors":[
{"errorType":"invalid_request","message":"Missing 'grant_type' parameter value. Visit https://dev.fitbit.com/docs/oauth2 for more information on the Fitbit Web API authorization process."}
],"success":false
}
It is possible to show the logic or other materials if requested.
Anyone can help?
09-12-2022 09:00
09-12-2022 09:00
Hi @ShahabS
I'm not familiar with Laravel, but you should still make certain your code uses the correct syntax for authentication. When your application calls /oauth2/token, make certain you have the grant_type parameter specified and the value set to "authorization_code".
See https://dev.fitbit.com/build/reference/web-api/authorization/oauth2-token/
Gordon
09-15-2022 05:38
09-15-2022 05:38
I'm using this code for this request:
$code = $request->input('code');
$url = 'https://api.fitbit.com/oauth2/token';
$auth_key = base64_encode(env('FITBIT_CLIENT_ID') . ':' . env('FITBIT_CLIENT_SECRET'));
return Http::withHeaders([
'Authorization' => 'Basic ' . $auth_key,
'Content-Type' => 'application/x-www-form-urlencoded'
])
->post($url, [
'code' => $code,
'client_id' => env('FITBIT_CLIENT_ID'),
'code_verifier' => '01234567890123456789012345678901234567890123456789',
'grant_type' => 'authorization_code',
]);
09-17-2022 07:55
09-17-2022 07:55
Is the comma after 'authorization_code' a syntax error?
09-19-2022 09:22
09-19-2022 09:22
No, i'm using PHPStorm and there is no syntax error.
09-19-2022 12:23
09-19-2022 12:23
At a high-level, the code look good to me. But, I'm not familiar with PHP code to know if what you're doing is correct. I've tried researching PHP examples and can't find exactly what I need. I did see where the comma on the last key=>value pair in the array is ok. I'm going to pose these questions to you to see if you can verify the information.
1. Are you including the Content-length header in your request? This is a requirement for POST requests and I don't see it listed here. We're missing the information in the documentation, but the other POST requests state
content-length | required | According to RFC 7230, section 3.3.2, this HTTP request requires the Content-Length header field containing the anticipated size of the payload body. |
Http::withHeaders([
'Authorization' => 'Basic ' . $auth_key,
'Content-Type' => 'application/x-www-form-urlencoded'
])
2. Are these parameters described as query or body parameters? They should be body parameters as described in the documentation. See https://dev.fitbit.com/build/reference/web-api/authorization/oauth2-token/#Request.
[
'code' => $code,
'client_id' => env('FITBIT_CLIENT_ID'),
'code_verifier' => '01234567890123456789012345678901234567890123456789',
'grant_type' => 'authorization_code',
]
3. Try switching the order of the parameter values so grant_type=authorization_code is first. What happens?
4. Lastly, what is your application type designation in your registered application setting at https://dev.fitbit.com/apps?
10-10-2022 11:34
10-10-2022 11:34
Did you find a solution for this?
10-10-2022 11:39 - edited 10-10-2022 11:40
10-10-2022 11:39 - edited 10-10-2022 11:40
I am facing the same issue. I am using React and my request went out with the right configurations too. And I still get the same error.
As you can see from the screenshot, I have provided grant_type as authorization_code, but the error still says "Missing 'grant_type' parameter value"
10-11-2022 07:10
10-11-2022 07:10
Hi @sony8
Again, I'm not familiar with React code. At a glance, your code looks correct. Would you please provide me the answers to the same questions I asked above?
Gordon
10-16-2022 23:07
10-16-2022 23:07
'Content-Type': 'application/x-www-form-urlencoded',
'Authorization': `Basic ${fitbitConfig.basicToken}`,
10-17-2022 14:09
10-17-2022 14:09
Thank you for answering my questions. I believe you are suppose to use the content-length header since it is a POST endpoint. However, the information is missing from the documentation for that endpoint. I can fix that. The definition of content-length is
content-length | required | According to RFC 7230, section 3.3.2, this HTTP request requires the Content-Length header field containing the anticipated size of the payload body. |