help menu

Join us on the Community Forums!

  • Community Guidelines

    The Fitbit Community is a gathering place for real people who wish to exchange ideas, solutions, tips, techniques, and insight about the Fitbit products and services they love. By joining our Community, you agree to uphold these guidelines, so please take a moment to look them over.

  • Learn the Basics

    Check out our Frequently Asked Questions page for information on Community features, and tips to make the most of your time here.

  • Join the Community!

    Join an existing conversation, or start a new thread to ask your question. Creating your account is completely free, and takes about a minute.

Not finding your answer on the Community Forums?

Cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Only some Heart Rate data with API insufficient_permissions

ANSWERED

‎10-23-2015 13:47 - edited ‎10-23-2015 13:57

‎10-23-2015 13:47 - edited ‎10-23-2015 13:57

I have modified a Python API to comply with OAuth 2.0 and retrieve HR data.  I have authorized my application read/write access to all scopes.

 

I am able to retrieve HR data only partly, this works:

/1/user/-/activities/heart/date/today/1d.json

and gives me status 200 and data. But this doesn't:

/1/user/-/activities/heart/date/2015-10-19/2015-10-20/1min/time/23:00/01:00.json
{"errors":[{"errorType":"insufficient_permissions","message":"API client is not authorized by Fitbit to access the resource requested. Visit https://dev.fitbit.com/docs/oauth2 for more information on the Fitbit Web API authorization process."}],"success":false}

Both work when using the API Explorer.

 

To be sure I have tested both using curl instead of my Python client, which gives me the same result. A dump of the exchanges can be found here:

200, working: http://pastebin.com/9w1Efkkx

403, not working: http://pastebin.com/C4d763x8

 

I'm at loss why one works and the other doesn't. Can anyone shed some light on this.

 

Thanks!

 

Best Answer
Labels:
0 Votes
1 BEST ANSWER

Accepted Solutions

‎10-26-2015 10:51 - edited ‎10-26-2015 12:31

In response to JeremiahFitbit

‎10-26-2015 10:51 - edited ‎10-26-2015 12:31

Hi JeremiahFitBit,

 

Yes it is listed and as described I can query the daily overviews. Reading the forums I found out that the intraday data is reversed and needs to be requested (in fact that post was written by you). I think this is what I'm encountering. Can you confirm this?

 

Thanks!

 

p.s. I have already requested intraday access through api@fitbit.com for my app.

 

Edit: As expected my app doesn't have acces to the intraday data. Intraday access has to be requested as outlined here on the forums. Everything is clear now.

 

View best answer in original post

Best Answer
0 Votes
11 REPLIES 11

‎10-26-2015 01:25

‎10-26-2015 01:25

I went over all heart rate related requests in the docs. Below is a collection of what works and what doesn't

 

Can someone please shed some light on this? I am quite sure I'm using OAuth 2.0 correctly, see the pastebin links in my previous post. Thanks!

 

Works:

/1/user/-/activities/heart/date/today/1d.json
/1/user/-/activities/heart/date/2015-10-22/2015-10-24.json
/1/user/-/activities/heart/date/2015-10-22/2015-10-24/1min.json

Which gives me a daily overview with heart rate zones, not at the minute level at all.

/1/user/-/activities/heart/date/2015-10-22/2015-10-24/1sec.json

Which gives me a list of all public and private activities (names only).

 

Works partially (does not give same results as API explorer):

/1/user/-/activities/heart/date/2015-10-22/1d/1min.json

In the API explorer I get full minute-by-minute details. In the Python API I only get daily overview with heart rate zones.

 

Does not work (but does work in API explorer):

/1/user/-/activities/heart/date/2015-10-23/2015-10-24/1min/time/12:00/10:00.json
/1/user/-/activities/heart/date/2015-10-23/1d/1min/time/12:00/13:00.json

These give simply errorType: insufficient_permissions

 

 

 

Best Answer
0 Votes

‎10-26-2015 02:58 - edited ‎10-26-2015 03:02

In response to jacco

‎10-26-2015 02:58 - edited ‎10-26-2015 03:02

I am unfortunately no closer, but I did try a lot of different scenarios:

  • I changed my app's permissions to read (from read&write) and got new tokens.
  • I made sure requests are from the same server as my app's callback uri.
  • I have included Host, X-Target-URI, and Connection fields in my headers.
  • I have changed my App OAouth 2.0 Application Type from Server to Client
  • I have tried different user-agents like curl and chrome.

All of these have no effect on the process.

Best Answer
0 Votes

‎10-26-2015 10:21

In response to jacco

‎10-26-2015 10:21

Do you see "Heart Rate" listed on the OAuth 2.0 authorization screen when you give consent?

Best Answer

‎10-26-2015 10:51 - edited ‎10-26-2015 12:31

In response to JeremiahFitbit

‎10-26-2015 10:51 - edited ‎10-26-2015 12:31

Hi JeremiahFitBit,

 

Yes it is listed and as described I can query the daily overviews. Reading the forums I found out that the intraday data is reversed and needs to be requested (in fact that post was written by you). I think this is what I'm encountering. Can you confirm this?

 

Thanks!

 

p.s. I have already requested intraday access through api@fitbit.com for my app.

 

Edit: As expected my app doesn't have acces to the intraday data. Intraday access has to be requested as outlined here on the forums. Everything is clear now.

 

Best Answer
0 Votes

‎10-28-2015 22:12

In response to jacco

‎10-28-2015 22:12

Hi, i have the same problem, it return 403 when request for intraday data, how to get the permission for intraday data? tq in advance. 😄

Best Answer
0 Votes

‎10-28-2015 23:55

In response to encikpulasan

‎10-28-2015 23:55

@encikpulasan wrote:

Hi, i have the same problem, it return 403 when request for intraday data, how to get the permission for intraday data? tq in advance. 😄

Please see this section of the docs: https://dev.fitbit.com/docs/activity/#get-activity-intraday-time-series

Best Answer

‎10-29-2015 03:28

In response to SunsetRunner

‎10-29-2015 03:28

Hi, i am sorry but i was talking about heart rate intraday, i use this "https://api.fitbit.com/1/user/-/activities/heart/date/today/1d/1sec/time/00:00/00:01.json" but it return 403..

i can get response when https://api.fitbit.com/1/user/-/activities/heart/date/today/1d/1sec.json

Best Answer
0 Votes

‎10-29-2015 04:19

In response to encikpulasan

‎10-29-2015 04:19

I want to get:

"activities-heart-intraday": {
        "dataset": [
            {
                "time": "00:00:00",
                "value": 64
            },
            {
                "time": "00:00:10",
                "value": 63
            },
            {
                "time": "00:00:20",
                "value": 64
            },
            {
                "time": "00:00:30",
                "value": 65
            },
            {
                "time": "00:00:45",
                "value": 65
            }
        ],
        "datasetInterval": 1,
        "datasetType": "second"
    }

as in example using:
GET https://api.fitbit.com/1/user/-/activities/heart/date/today/1d/1sec/time/00:00/00:01.json
but i get 403, 

 

403 error intraday heartrate restricted?

Best Answer
0 Votes

‎10-29-2015 04:21

In response to encikpulasan

‎10-29-2015 04:21

When im using
GET https://api.fitbit.com/1/user/-/activities/heart/date/today/1d/1sec
i get:

stdClass Object
(
    [activities-heart] => Array
        (
            [0] => stdClass Object
                (
                    [dateTime] => 2015-10-29
                    [value] => stdClass Object
                        (
                            [customHeartRateZones] => Array
                                (
                                )

                            [heartRateZones] => Array
                                (
                                    [0] => stdClass Object
                                        (
                                            [caloriesOut] => 467.49012
                                            [max] => 98
                                            [min] => 30
                                            [minutes] => 299
                                            [name] => Out of Range
                                        )

                                    [1] => stdClass Object
                                        (
                                            [caloriesOut] => 16.407
                                            [max] => 137
                                            [min] => 98
                                            [minutes] => 3
                                            [name] => Fat Burn
                                        )

                                    [2] => stdClass Object
                                        (
                                            [caloriesOut] => 0
                                            [max] => 166
                                            [min] => 137
                                            [minutes] => 0
                                            [name] => Cardio
                                        )

                                    [3] => stdClass Object
                                        (
                                            [caloriesOut] => 0
                                            [max] => 220
                                            [min] => 166
                                            [minutes] => 0
                                            [name] => Peak
                                        )

                                )

                            [restingHeartRate] => 63
                        )

                )

        )

)
Best Answer
0 Votes

‎10-29-2015 05:00

In response to encikpulasan

‎10-29-2015 05:00

encikpulasan, what DanCFitbit is saying is correct. You simply do not have access to the activity intraday time series (heartrate falls under this category).

 

The response you post are exactly the same as the behaviour I have described in my second post. even though

/1/user/-/activities/heart/date/today/1d/1sec

doesn't give a 403, it also doesn't give you intraday data, only the overview.

 

You need to request access to intraday data for your app, as described by DanCFitbit and here on the forums or wait for the personal app type to become available.

 

I can tell you from experience that once you have intraday access, your problems will disappear.

 

Cheers!

 

p.s. really great to see improvements in the clarity of the documentation and that a personal app type is being work on!

Best Answer
0 Votes

‎10-29-2015 15:25

In response to jacco

‎10-29-2015 15:25

I really hope i get the clearence for intraday permission. Thank you for your kind answer, sorry if i were harsh, yesterday was stressful day for me. Alright! Looking forward to the access. Tq mate! 😄

Best Answer
0 Votes