help menu

Join us on the Community Forums!

  • Community Guidelines

    The Fitbit Community is a gathering place for real people who wish to exchange ideas, solutions, tips, techniques, and insight about the Fitbit products and services they love. By joining our Community, you agree to uphold these guidelines, so please take a moment to look them over.

  • Learn the Basics

    Check out our Frequently Asked Questions page for information on Community features, and tips to make the most of your time here.

  • Join the Community!

    Join an existing conversation, or start a new thread to ask your question. Creating your account is completely free, and takes about a minute.

Not finding your answer on the Community Forums?

Cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 

New Subscriber with Basic Auth

‎10-15-2015 16:06

‎10-15-2015 16:06

I currently try to set up my first subscriber. My wesite is not Live yet. So there is an basic auth set up for my domain.

 

Now I tried to set up my first subscriber.

In Endpoint URL I put URL which included a Basic Auth as described in this post http://serverfault.com/a/371918/316948

But when I try to save the form I see following error: URL is not a valid URL

 

Can you please give me the opportunity to add subscriber URLs with Basic Auth.

 

All the best

dj_thossi

 

Even here I'm not allowed to have URLs with basci auth. So please see link on how I put them together.

Best Answer
Labels:
0 Votes
3 REPLIES 3

‎10-15-2015 16:22

‎10-15-2015 16:22

Hi @dj_thossi,

 

At this time, we do not have plans to support Basic Auth, but we appreciate your feature suggestion and will keep track of similar requests.

Best Answer
0 Votes

‎10-18-2015 03:00

In response to JeremiahFitbit

‎10-18-2015 03:00

Hey.

 

Thank you for your reply.

Do you have any idea on how I'm suppose to build the subscription part of my project? By German regulations I'm not allowed to have any endpoint public accessable yet because my preoject is collecting a lot of health data from any kinds of sources.

 

Do you see any other way to make German regulations happy and keep working on fitbit API or do I need to exclude fitbit from list of supported devices?

 

Any help appreciated.

Best Answer
0 Votes

‎10-19-2015 11:42

In response to dj_thossi

‎10-19-2015 11:42

The notifications themselves only contain the user id, the date, and the type of data changed—not the data itself. I'm not familiar with German regulations, but Fitbit has many HIPAA compliant customers using the Subscriptions API.

 

Subscriptions API security features:

  • You can use HTTPS for encrypted communication.
  • The requests are signed, so you can verify the request is authentic.
  • You can use FCrDNS to verify the request came from Fitbit's servers.

 

If you have additional security requirements, you may just have to poll for data instead.

Best Answer
0 Votes