help menu

Join us on the Community Forums!

  • Community Guidelines

    The Fitbit Community is a gathering place for real people who wish to exchange ideas, solutions, tips, techniques, and insight about the Fitbit products and services they love. By joining our Community, you agree to uphold these guidelines, so please take a moment to look them over.

  • Learn the Basics

    Check out our Frequently Asked Questions page for information on Community features, and tips to make the most of your time here.

  • Join the Community!

    Join an existing conversation, or start a new thread to ask your question. Creating your account is completely free, and takes about a minute.

Not finding your answer on the Community Forums?

Cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Previously working oAuth flow stuck at Login Transfer page on Android

ANSWERED

‎03-07-2022 07:23 - edited ‎03-07-2022 07:26

‎03-07-2022 07:23 - edited ‎03-07-2022 07:26

We have an issue where people can no longer proceed through the oAuth code grant login process on any Android device. It has actually been an issue for some weeks and we are pretty sure it is no happening because of anything we changed.

 

It seems we are getting stuck at the Login Transfer page that is shown in the browser after Fitbit credentials are entered. This is our URL

 

https://www.fitbit.com/login/transferpage?disableThirdPartyLogin=true&redirect=%2Foauth2%2Fauthorize%3Fclient_id%3D22CRQL%26redirect_uri%3Dileadit%253A%252F%252Fileadit.app%252Fauth%252Ffitbit%26response_type%3Dcode%26scope%3Dactivity%2Bheartrate%2Blocation%2Bnutrition%2Bprofile%2Bsettings%2Bsleep%2Bsocial%2Bweight%26state 

 

We end up here in the phones browser https://www.fitbit.com/login/transferpage but never get back to our app. It was previously working, so we are at a bit of a loss.

 

I have posted the authorise URL into postman and we recieve a HTTP 200 as expected.

 

Where should I be looking?

Thanks.

 

 

Best Answer
Labels:
0 Votes
1 BEST ANSWER

Accepted Solutions

‎03-26-2022 18:47

In response to MrLane

‎03-26-2022 18:47

Issue turned out to be at our end and was related to Activity/Intent Filter changes related to Android 12 support.

View best answer in original post

Best Answer
0 Votes
6 REPLIES 6

‎03-07-2022 10:36

‎03-07-2022 10:36

Hi @MrLane 

 

I tested the URL in my web browser (Chrome on Mac) and it works.   Are you having this problem with all new authorizations or just a few?    Do you have an approximate timeframe when the problem started happening?   Also, would you please provide me with your authorization URL?   You can send it to me via a private message, if you prefer.   I'll asked someone on my team to test it with their Android device.

 

Best,

Gordon

Gordon Crenshaw
Senior Technical Solutions Consultant
Fitbit Partner Engineering & Web API Support | Google
Best Answer
0 Votes

‎03-07-2022 10:55

In response to GordonFitbit

‎03-07-2022 10:55

One more question.   Can you confirm the steps the user is following when the hang occurs.   For example

  1. The user clicks on the authorization URL in the mobile application
  2. The user is asked to log in
  3. Once the user logs in, they are redirected to the consent page but the redirection hangs before the page is loaded.

Gordon

Gordon Crenshaw
Senior Technical Solutions Consultant
Fitbit Partner Engineering & Web API Support | Google
Best Answer
0 Votes

‎03-09-2022 03:05

In response to GordonFitbit

‎03-09-2022 03:05

Hi, I am still getting some feedback from others in the team, we are all working remote at the moment. We cannot pinpoint an exact date when this started as yet, I am waiting for a response from those who originally reported the issue. Loosely, I would say this was an issue only this year. We don't know how widespread this is as we don't have a large enough userbase currently, but I am asking a few people to test.

In terms of the steps, yes the user clicks on the authorisation link in our app, the browser opens and navigates to  https://www.fitbit.com/oauth2/authorize?response_type=code&client_id=22CRQL&redirect_uri=ileadit://i...

 

In my own testing, if the users browser isn't already logged into fitbit.com they will be asked to log in and with a successful login they will be asked to select permissions for the data fields. Clicking Allow does not work, nothing happens.

If the user is already logged into fitbit.com they end up at the transfer page, which then hangs. I am surprisingly getting an indication (in several browsers) that the site doesn't have a certificate...which is very strange.

When I open the link in InPrivate mode, I can progress to the login page and then the permissions page, but then hang on the transfer page, as in the case of the user not having been previously logged in.

Best Answer
0 Votes

‎03-09-2022 11:22

In response to MrLane

‎03-09-2022 11:22

I'm ignorant about certificates, but the mention of same reminded me of this.

Peter McLennan
Gondwana Software
Best Answer
0 Votes

‎03-26-2022 18:45 - edited ‎03-26-2022 18:48

‎03-26-2022 18:45 - edited ‎03-26-2022 18:48

Issue turned out to be at our end and was related to Activity/Intent Filter changes related to Android 12 support.

Best Answer
0 Votes

‎03-26-2022 18:47

In response to MrLane

‎03-26-2022 18:47

Issue turned out to be at our end and was related to Activity/Intent Filter changes related to Android 12 support.

Best Answer
0 Votes