Cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

OAuth 2.0 401 Unauthorized error

ANSWERED

Hi! Trying to implement OAuth 2.0 in an ASP.NET MVC App, and I'm stuck on the second step - the call to 

https://api.fitbit.com/oauth2/token

gives me an 401 Unauthorized error. 

 

First I call the https://api.fitbit.com/oauth2/authorize?.... with all parmeters, get to the login and so on, all the way to the callback to my app where I grab the code. All looks fine there. The nest call though, the POST to the /oauth2/token fails as I wrote above. I've tried both in code and in Fiddler and my request looks like this:

Url:

POST https://api.fitbit.com/oauth2/token

Headers:

Authorization: Basic Base64EncodedString=

Body:

client_id=xxxx&grant_type=authorization_code&redirect_uri=http%3A%2F%2Flocalhost%3A55696%2Fhome%2Fredirect&code=fdca489e85...snip....ee0f32dc8f5122c

 

The Authorization header is base64 encoded from "clientId:code" as explained in the docs.

 

Not sure what to do right now... please help 🙂

 

 

Best Answer
0 Votes
2 BEST ANSWERS

Accepted Solutions

The Authorization header was encoded from "clientId:code", which was wrong. I should have used "clientId:secret". I corrected that, but still get 401 Unauthorized back from the post to https://api.fitbit.com/oauth2/token 😞

View best answer in original post

Best Answer
0 Votes

Got past that step now - I had to speficy the redirect_url in the body. I took it out first when I started to get problems 🙂

View best answer in original post

Best Answer
0 Votes
2 REPLIES 2

The Authorization header was encoded from "clientId:code", which was wrong. I should have used "clientId:secret". I corrected that, but still get 401 Unauthorized back from the post to https://api.fitbit.com/oauth2/token 😞

Best Answer
0 Votes

Got past that step now - I had to speficy the redirect_url in the body. I took it out first when I started to get problems 🙂

Best Answer
0 Votes