Solved: Personal APP Intraday- API client is not authorize...

hamedrd · ‎02-13-2023

We are using Inspire 3 Fitbits for a clinical study. I have created a Personal App to download the data from Fitbits. When I try to get Active Zone Minutes, Breathing Rate, and SPO2 Intraday data the access is denied with 403 API client not authorized by Fitbit to access the resource requested. I am able to get Activity, Heart Rate, and HRV Intraday data without any issues.

I was wondering if I am doing something wrong or if it is an API issue as described here.

As an example, I am writing to this topic for AZM: 'https://api.fitbit.com/1/user/-/activities/active-zone-minutes/date/[date]/1d/1min.json'

JohnFitbit · ‎03-10-2023

@hamedrd Apologies for the delayed response. Did you figure out the issue?

If not, I recommend checking to see if you requested the following scopes in your authorization URL:

oxygen_saturation
respiratory_rate

You'll need to include these scopes into your Authorize URL in order to consent to share the data to your application.

You should be seeing AZM data returned with that endpoint if you consented to share activity data to your application. Could you post your cURL request when you fetch AZM data (hide your access token)? I want to see the endpoint you're calling, and the headers you used. Also provide me with the JSON response containing the error code and error message.

View best answer in original post

JohnFitbit · ‎02-17-2023

Hi @hamedrd,

Welcome to the forums!

Since you mentioned that you're working with 3 devices, the "Personal" application type will not meet your project needs. The "Personal" application type grants immediate access to the intraday data for the owner of the account only. The error you see is expected behavior when you try to fetch data from users other than the owner of the account.

You'll need to switch your application type to "Server" or "Client" to access data from more than one user. Additionally, you'll need to submit an Intraday Access Request form in order to obtain intraday access for your application.

I hope this helps. Let me know if you have any additional questions.

hamedrd · ‎02-17-2023

Hi @JohnFitbit,

Thanks for your response! Currently, I am using only one Fitbit Device and the model is "Inspire 3". I am trying to get the data from only one device and I am the owner of the account that I created the personal app for. So, I don't think your response applies to my issue. I should have access to the owner's intraday data without an Access Request according to the documentation.

As I mentioned, I can get Activity, Heart Rate, and HRV intraday data without any issues. The access is denied only for SPO2, BR, and AZM. I am using the same authorization method for all of these data the only difference would be the URL I am using.

As an example, I am writing to this topic for AZM: 'https://api.fitbit.com/1/user/-/activities/active-zone-minutes/date/[date]/1d/1min.json' (I have replaced [date] with appropriate date)

I would appreciate it if you can answer based on these clarifications.

JohnFitbit · ‎03-10-2023

@hamedrd Apologies for the delayed response. Did you figure out the issue?

If not, I recommend checking to see if you requested the following scopes in your authorization URL:

oxygen_saturation
respiratory_rate

You'll need to include these scopes into your Authorize URL in order to consent to share the data to your application.

You should be seeing AZM data returned with that endpoint if you consented to share activity data to your application. Could you post your cURL request when you fetch AZM data (hide your access token)? I want to see the endpoint you're calling, and the headers you used. Also provide me with the JSON response containing the error code and error message.

hamedrd · ‎03-17-2023

@JohnFitbit Thanks for your reply! it resolved the BR and SPO2 problems. I am still struggling with the AZM. I am using the python suggested package by Fitbit for the authentication and getting the data. I am able to get all the data except AZM intraday. I am using the same authentication and request methods for getting AZM and other data.

Here is my authentication URL:

https://www.fitbit.com/oauth2/authorize?response_type=code&client_id=xxxx&redirect_uri=http%3A%2F%2F...', 'xxx'

and this is the URL I use to request AZM intraday ([date] was inserted as yyyy-mm-dd, I am not able to post dates): https://api.fitbit.com/1/user/-/activities/active-zone-minutes/date/[date]/1d/1min.json

JohnFitbit · ‎03-28-2023

@hamedrd I'm going to create a case with you in our support CRM and continue to investigate the AZM issues you're having there. Is the email that you have on your profile a good contact to reach you at?

Join us on the Community Forums!

Community Guidelines

Learn the Basics

Join the Community!

Not finding your answer on the Community Forums?

Go to the Help Site

Contact Support

Personal APP Intraday- API client is not authorized by Fitbit to access the resource requested

hamedrd

JohnFitbit

JohnFitbit

hamedrd

JohnFitbit

hamedrd

JohnFitbit