I'm currently attempting to build a Node app using the OAuth 2 endpoints and documentation. However, while I am providing "client_id" in the POST body and following along with the documentation, I keep getting a 401 with the error message "Empty client id."
I recreated the POST request in Postman:
POST /oauth2/token HTTP/1.1
Host: api.fitbit.com
Content-Type: application/x-www-form-urlencoded
Authorization: Basic %EF%BF%BDoP%17%EF%BF%B.....
Cache-Control: no-cache

client_id=2###F9&grant_type=authentication_code&code=cc483e1fcd6802286d85066787a89dedc85a253c
(Authorization header contains the base-64 encoding of the client ID and secret concatenated with a ":")
As in my Node app, I received the following response:
{
  "errors": [{
    "errorType": "oauth",
    "fieldName": "client_id",
    "message": "Empty client id"
  }],
  "success": false
}
Am I doing something wrong, or is this a defect in the FitBit backend?
Double check your Authorization header, that doesn't look like base64 encoding to me.
For example, if your client_id is ABCDEF and your secret is 8168415c4e2506c7e1adf12c432cd4da
Then your Authorization header should be "Authorization: Basic QUJDREVGOjgxNjg0MTVjNGUyNTA2YzdlMWFkZjEyYzQzMmNkNGRh"
Fitbit Developers oversee the SDK and API forums. We're here to answer questions about Fitbit developer tools, assist with projects, and make sure your voice is heard by the development team.
Whoops, sorry. Got that wrong in Postman. To confirm: changing the value for grant_type still results in the same error.
@SunsetRunner, you are right! What I had is some mess that Node's buffer spit out that got URL-encoded. I did the base64 encoding by hand with another tool and it looks much more normal. I am now able to get an access token (well, after also specifying a redirect_uri). Thanks!
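The fix discussed above, as an added example that is not part of the original posts and is not Fitbit's code: it builds the Basic header with Node's Buffer, rejects a header whose value is not base64 (such as the percent-encoded one in the question), and assembles the token request. The function names are hypothetical, `authorization_code` is the standard OAuth 2.0 grant type value, and the endpoint is taken from the request in the question.

```javascript
// Added example; function names are hypothetical, not from Fitbit's SDK.
const TOKEN_URL = 'https://api.fitbit.com/oauth2/token'; // host and path from the question

// Encode "client_id:client_secret" as base64 for HTTP Basic authentication.
function basicAuthHeader(clientId, clientSecret) {
  if (!clientId || !clientSecret) throw new Error('client id and secret are required');
  return 'Basic ' + Buffer.from(`${clientId}:${clientSecret}`, 'utf8').toString('base64');
}

// Sanity-check a header before sending it. Raw or percent-encoded bytes fail
// the base64 alphabet test; only the client id is returned, never the secret.
function checkBasicAuthHeader(header) {
  const m = /^Basic ([A-Za-z0-9+/]+={0,2})$/.exec(header);
  if (!m) return { ok: false, reason: 'value is not base64' };
  if (m[1].length % 4 !== 0) return { ok: false, reason: 'bad base64 length' };
  const decoded = Buffer.from(m[1], 'base64').toString('utf8');
  const sep = decoded.indexOf(':');
  if (sep <= 0) return { ok: false, reason: 'no client id before ":"' };
  return { ok: true, clientId: decoded.slice(0, sep) };
}

// Assemble the token request. redirect_uri is included whenever one is
// configured, since the thread reports the exchange failing without it.
function buildTokenRequest({ clientId, clientSecret, code, redirectUri }) {
  const authorization = basicAuthHeader(clientId, clientSecret);
  const check = checkBasicAuthHeader(authorization);
  if (!check.ok) throw new Error(`refusing to send: ${check.reason}`);
  const body = new URLSearchParams({
    client_id: clientId,
    grant_type: 'authorization_code',
    code,
  });
  if (redirectUri) body.set('redirect_uri', redirectUri);
  return {
    url: TOKEN_URL,
    method: 'POST',
    headers: {
      Authorization: authorization,
      'Content-Type': 'application/x-www-form-urlencoded',
    },
    body: body.toString(),
  };
}
```

The returned object can be passed to any HTTP client; running `checkBasicAuthHeader` on a header copied from a failing request shows whether the credentials were encoded at all without printing the secret.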
I also had problems, but finally got it working by adding the redirect_url parameter in the body. The docs say:
Required if specified in the redirect to the authorization page. Must be exact match.
But I never specified that in the redirect because I only have one url. Small deal, things work now but maybe fix the docs or the server 🙂
@johandanforth wrote:
I also had problems, but finally got it working by adding the redirect_url parameter in the body. The docs say:
Required if specified in the redirect to the authorization page. Must be exact match.
But I never specified that in the redirect because I only have one url. Small deal, things work now but maybe fix the docs or the server 🙂
Thank you for reporting this, we will take a look and get this fixed.