help menu

Join us on the Community Forums!

  • Community Guidelines

    The Fitbit Community is a gathering place for real people who wish to exchange ideas, solutions, tips, techniques, and insight about the Fitbit products and services they love. By joining our Community, you agree to uphold these guidelines, so please take a moment to look them over.

  • Learn the Basics

    Check out our Frequently Asked Questions page for information on Community features, and tips to make the most of your time here.

  • Join the Community!

    Join an existing conversation, or start a new thread to ask your question. Creating your account is completely free, and takes about a minute.

Not finding your answer on the Community Forums?

Cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

OAuth2 token length?

ANSWERED

‎03-17-2016 15:38

‎03-17-2016 15:38

Can I make assumptions about the length of the access and refresh tokens? 

Best Answer
Labels:
1 BEST ANSWER

Accepted Solutions

‎11-14-2016 18:09

‎11-14-2016 18:09

Your app should accomodate 1,024 bytes per token.

 

See https://community.fitbit.com/t5/Web-API/OAuth-2-0-access-and-refresh-token-size/m-p/1648577/thread-i...

View best answer in original post

Best Answer
5 REPLIES 5

‎03-18-2016 13:32

‎03-18-2016 13:32

Also, is there an upper bound for the length of each type of token? 

Best Answer

‎11-12-2016 17:33

In response to gravitas1

‎11-12-2016 17:33

I'd also like to know

Best Answer
0 Votes

‎11-12-2016 19:11

In response to m4olivei

‎11-12-2016 19:11

@m4olivei You can select the lifetime of the access token.

 

Authorization Code Grant Flow: 1 hour or 8 hours (defaults to 8 hours)

Implicit Grant Flow: 1 day / 1 week / 30 day / 1 year (defaults to 1 day)

 

Refresh tokens do not expire until they've been used, or if the user goes through the authorization process again.

Andrew | Community Moderator, Fitbit

What motivates you?
Best Answer
0 Votes

‎11-14-2016 05:56

In response to AndrewFitbit

‎11-14-2016 05:56

Thanks, but we're asking about the character length of the token. Is there a defined length of token, or can it vary. Is it different for the access_token and refresh_token?

Best Answer
0 Votes

‎11-14-2016 18:09

‎11-14-2016 18:09

Your app should accomodate 1,024 bytes per token.

 

See https://community.fitbit.com/t5/Web-API/OAuth-2-0-access-and-refresh-token-size/m-p/1648577/thread-i...

Best Answer