help menu

Join us on the Community Forums!

  • Community Guidelines

    The Fitbit Community is a gathering place for real people who wish to exchange ideas, solutions, tips, techniques, and insight about the Fitbit products and services they love. By joining our Community, you agree to uphold these guidelines, so please take a moment to look them over.

  • Learn the Basics

    Check out our Frequently Asked Questions page for information on Community features, and tips to make the most of your time here.

  • Join the Community!

    Join an existing conversation, or start a new thread to ask your question. Creating your account is completely free, and takes about a minute.

Not finding your answer on the Community Forums?

Cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Missing 'grant_type' parameter value error with laravel request

‎09-11-2022 03:31

‎09-11-2022 03:31

Hey guys!

I'm using Laravel for authenticate with Fitbit

I tried to make a request for auth but when i want to Exchange the Authorization Code for the Access and Refresh Tokens, returns this error:

 

{
"errors":[
{"errorType":"invalid_request","message":"Missing 'grant_type' parameter value. Visit https://dev.fitbit.com/docs/oauth2 for more information on the Fitbit Web API authorization process."}
],"success":false
}

 

 

It is possible to show the logic or other materials if requested.

Anyone can help?

Best Answer
Labels:
0 Votes
10 REPLIES 10

‎09-12-2022 09:00

‎09-12-2022 09:00

Hi @ShahabS 

 

I'm not familiar with Laravel, but you should still make certain your code uses the correct syntax for authentication.   When your application calls /oauth2/token, make certain you have the grant_type parameter specified and the value set to "authorization_code".

 

See https://dev.fitbit.com/build/reference/web-api/authorization/oauth2-token/

 

Gordon

Gordon Crenshaw
Senior Technical Solutions Consultant
Fitbit Partner Engineering & Web API Support | Google
Best Answer
0 Votes

‎09-15-2022 05:38

In response to GordonFitbit

‎09-15-2022 05:38

I'm using this code for this request:

$code = $request->input('code');
        $url = 'https://api.fitbit.com/oauth2/token';
        $auth_key = base64_encode(env('FITBIT_CLIENT_ID') . ':' . env('FITBIT_CLIENT_SECRET'));

        return Http::withHeaders([
                'Authorization' => 'Basic ' . $auth_key,
            'Content-Type' => 'application/x-www-form-urlencoded'
            ])
            ->post($url, [
                'code' => $code,
                'client_id' => env('FITBIT_CLIENT_ID'),
                'code_verifier' => '01234567890123456789012345678901234567890123456789',
                'grant_type' => 'authorization_code',
            ]);
Best Answer
0 Votes

‎09-17-2022 07:55

In response to ShahabS

‎09-17-2022 07:55

Is the comma after 'authorization_code' a syntax error?

Gordon Crenshaw
Senior Technical Solutions Consultant
Fitbit Partner Engineering & Web API Support | Google
Best Answer

‎09-19-2022 09:22

In response to GordonFitbit

‎09-19-2022 09:22

No, i'm using PHPStorm and there is no syntax error.

Best Answer
0 Votes

‎09-19-2022 12:23

In response to ShahabS

‎09-19-2022 12:23

At a high-level, the code look good to me.   But, I'm not familiar with PHP code to know if what you're doing is correct.   I've tried researching PHP examples and can't find exactly what I need.   I did see where the comma on the last key=>value pair in the array is ok.  I'm going to pose these questions to you to see if you can verify the information.

 

1. Are you including the Content-length header in your request?   This is a requirement for POST requests and I don't see it listed here.  We're missing the information in the documentation, but the other POST requests state

 

content-length required According to RFC 7230, section 3.3.2, this HTTP request requires the Content-Length header field containing the anticipated size of the payload body.

 

 

Http::withHeaders([
                'Authorization' => 'Basic ' . $auth_key,
            'Content-Type' => 'application/x-www-form-urlencoded'
            ])

 

2. Are these parameters described as query or body parameters?  They should be body parameters as described in the documentation.   See https://dev.fitbit.com/build/reference/web-api/authorization/oauth2-token/#Request.

 

[
                'code' => $code,
                'client_id' => env('FITBIT_CLIENT_ID'),
                'code_verifier' => '01234567890123456789012345678901234567890123456789',
                'grant_type' => 'authorization_code',
            ]

 

3. Try switching the order of the parameter values so grant_type=authorization_code is first.   What happens? 

 

4. Lastly, what is your application type designation in your registered application setting at https://dev.fitbit.com/apps?

Gordon Crenshaw
Senior Technical Solutions Consultant
Fitbit Partner Engineering & Web API Support | Google
Best Answer
0 Votes

‎10-10-2022 11:34

‎10-10-2022 11:34

Did you find a solution for this?

Best Answer
0 Votes

‎10-10-2022 11:39 - edited ‎10-10-2022 11:40

In response to GordonFitbit

‎10-10-2022 11:39 - edited ‎10-10-2022 11:40

error.png

I am facing the same issue. I am using React and my request went out with the right configurations too. And I still get the same error.

As you can see from the screenshot, I have provided grant_type as authorization_code, but the error still says  "Missing 'grant_type' parameter value"

 

Best Answer
0 Votes

‎10-11-2022 07:10

In response to sony8

‎10-11-2022 07:10

Hi @sony8 

 

Again, I'm not familiar with React code.   At a glance, your code looks correct.   Would you please provide me the answers to the same questions I asked above?

 

  1. Are you using the content-length header?
  2. Are these parameters body parameters?
  3. Try switching the order of the parameter list so grant_type is first.  What happens?
  4. Lastly, what is your application type designation in your registered application setting at https://dev.fitbit.com/apps?

Gordon

Gordon Crenshaw
Senior Technical Solutions Consultant
Fitbit Partner Engineering & Web API Support | Google
Best Answer
0 Votes

‎10-16-2022 23:07

In response to GordonFitbit

‎10-16-2022 23:07

  1. Are you using the content-length header?
    • No. Should I be using it? If so, what values should I give?
    • The only header values I am using are:
      'Content-Type': 'application/x-www-form-urlencoded',
      'Authorization': `Basic ${fitbitConfig.basicToken}`,
  2. Are these parameters body parameters?
    • Yes
  3. Try switching the order of the parameter list so grant_type is first.  What happens?
    • No difference even when I change the order
  4. Lastly, what is your application type designation in your registered application setting at https://dev.fitbit.com/apps?
    • Server
Best Answer
0 Votes

‎10-17-2022 14:09

In response to sony8

‎10-17-2022 14:09

Thank you for answering my questions.    I believe you are suppose to use the content-length header since it is a POST endpoint.   However, the information is missing from the documentation for that endpoint.   I can fix that.   The definition of content-length is 

 

content-length required According to RFC 7230, section 3.3.2, this HTTP request requires the Content-Length header field containing the anticipated size of the payload body.
Gordon Crenshaw
Senior Technical Solutions Consultant
Fitbit Partner Engineering & Web API Support | Google
Best Answer
0 Votes