10-27-2014 06:17
10-27-2014 06:17
Today, Fitbit announced three exciting new products: Charge, Charge HR, and Surge. We're also excited to announce that the Fitbit API will provide access to the all day heart rate and GPS data from these devices. These data types will be accessible exclusively via OAuth 2.0. We'll be sharing more information about these new endpoints and our OAuth 2.0 transition in the coming months.
As announced in August, connections to api.fitbit.com will be restricted to HTTPS connections on November 3, 2014. TLS will be required on all api.fitbit.com endpoints, including all steps of OAuth.
TLS creates a secure communication channel between your application and Fitbit's API, ensuring user data is not accessed or tampered by unauthorized parties. If your application uses HTTP plaintext connections, you need to update it to use HTTPS immediately. Applications still using HTTP plaintext connections will stop functioning on November 3, 2014. The Fitbit API will return a HTTP 403 error to all non-TLS requests.
For most applications, changing "http://" to "https://" is all that is necessary to comply with this change.
Less than 5% of third-party Fitbit API requests are using XML. Going forward, new endpoints will be optimized for and exclusively available in JSON.
The following API endpoints are deprecated and will be removed at a future date:
All measurements except fat and weight will be removed from:
If you have questions about this notice, please post here.
–The Fitbit API Team
10-27-2014 09:16
10-27-2014 09:16
Awesome stuff. Looking forward to switching to OAuth 2.0!
10-27-2014 13:18
10-27-2014 13:18
@JeremiahFitbit wrote:All measurements except fat and weight will be removed from:
@JeremiahFitbit I thought that the extra measurements were going to be maintained and still available for us by existing users, just that new users wouldn't be able to use them. Is that not going to be the case with the APIs?
10-27-2014 14:27
10-27-2014 14:27
@Michael wrote:
@JeremiahFitbit I thought that the extra measurements were going to be maintained and still available for us by existing users, just that new users wouldn't be able to use them. Is that not going to be the case with the APIs?
Marking these endpoints as deprecated means that we're not planning future development of them and that third-party developers should not create new integrations with them.
10-27-2014 14:45
10-27-2014 14:45
@JeremiahFitbit wrote:
@Michael wrote:@JeremiahFitbit I thought that the extra measurements were going to be maintained and still available for us by existing users, just that new users wouldn't be able to use them. Is that not going to be the case with the APIs?
Marking these endpoints as deprecated means that we're not planning future development of them and that third-party developers should not create new integrations with them.
But your announcement doesn't just say they will be marked as deprecated, it says that the additional measurements will be removed from them. That is a big difference.
10-28-2014 17:33
10-28-2014 17:33
When can we expect to be able to switch over to Oauth 2.0?
11-01-2014 06:32
11-01-2014 06:32
Why in the world would you depreciate XML? Does it really add that much overhead on your side that you're goign to make 5% of us change our code?
11-01-2014 09:47
11-01-2014 09:47
Here at Fitbit we focused on providing as much easy-to-use API for developers as it possilbe. Our aim is that all developers who use Fitbit API can easy understand data structure even without reading documentation.
Due to different natures of JSON and XML we are required now to have two different serialization approaches: one for JSON and other one for XML.
Since most of our users are using JSON(around 98%) and we decided to focus and polish JSON serialization and deprecate XML.
Overall ourdays development community tends to get rid of XML since there are more advantages of JSON over XML then XML over JSON.
11-03-2014 09:36
11-03-2014 09:36
Hi Jeremiah,
When you say "OAuth 2.0 transition", do you still intend to support OAuth 1.0 in the near future? Is there a timeline when you intend to stop supporting 1.0?
Thanks.
11-03-2014 18:36
11-03-2014 18:36
Chetan wrote:
When you say "OAuth 2.0 transition", do you still intend to support OAuth 1.0 in the near future? Is there a timeline when you intend to stop supporting 1.0?
We do not plan on deprecating OAuth 1.0a for quite awhile.
11-03-2014 18:42
11-03-2014 18:42
@SetpointHealth wrote:
Why in the world would you depreciate XML? Does it really add that much overhead on your side that you're goign to make 5% of us change our code?
Actually, yes, supporting both XML and JSON does add notable overhead when done properly. It's impossible to programatically optimize responses in both JSON and XML.
This announcement does NOT require you to change your code. All existing endpoints will continue to support XML.
However, when you want to take advantage of the new features and endpoints that we haven't announced yet, you'll need to use JSON.
11-06-2014 20:30
11-06-2014 20:30
I would like to know if the Charge Hr will be waterproof like the Flex ?
11-06-2014 21:32
11-06-2014 21:32
@Starlight71701 wrote:
I would like to know if the Charge Hr will be waterproof like the Flex ?
Hi, you have posted in the incorrect forum; we talk about the Fitbit API in here. Please post in the Charge HR forum https://community.fitbit.com/t5/Charge-HR/bd-p/chargeHR
Thanks!
11-20-2014 01:40
11-20-2014 01:40
11-20-2014 08:18
11-20-2014 08:18
There are no plans on sadding upport for direct BLE communication API.
12-11-2014 00:32
12-11-2014 00:32
Good day!
When you intend to release a new version of Fitbit API? The first half of 2015?
We are looking forward to.
12-12-2014 14:05
12-12-2014 14:05
Several people have asked about GPX and TCX export. The API will support TCX export, as it allows us to combine GPS and heart rate data. The GPX format is being considered.
We know that you want this feature now and we can't wait to share it. Given the more sensitive nature of GPS, this export will be an OAuth 2 feature and apps will have to ask for explicit permission. When we have our OAuth 2 ready for beta testing, you'll be able to start using this feature.
01-10-2015 00:32 - edited 01-10-2015 00:33
01-10-2015 00:32 - edited 01-10-2015 00:33
@JeremiahFitbit how about an export feature through the web interface for both TCX and GPX?
01-17-2015 13:23
01-17-2015 13:23
Any time frame on the TCX export?
01-18-2015 13:59
01-18-2015 13:59
"the Fitbit API will provide access to the all day heart rate and GPS data from these devices"
I'm a bit confused by this. Will the API provide access to data from individually logged runs, or just a total for the whole day?