help menu

Join us on the Community Forums!

  • Community Guidelines

    The Fitbit Community is a gathering place for real people who wish to exchange ideas, solutions, tips, techniques, and insight about the Fitbit products and services they love. By joining our Community, you agree to uphold these guidelines, so please take a moment to look them over.

  • Learn the Basics

    Check out our Frequently Asked Questions page for information on Community features, and tips to make the most of your time here.

  • Join the Community!

    Join an existing conversation, or start a new thread to ask your question. Creating your account is completely free, and takes about a minute.

Not finding your answer on the Community Forums?

Cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Problem requesting temp access token(A-B).

ANSWERED

‎06-17-2015 09:14

‎06-17-2015 09:14

I'm having my first attempt at interfacing to the fitbit api from vb.net.

I have registered my app and got the necessary keys.

I have implemented the HMAC-SHA1 signature and both my base string and my signature match the example given in the API Debug tool - so far so good.

 

However, I'm getting a 400 Bad Request when I try to use request_token

This is my authorisatioh header, which seems to abide by the advice given

 

X-Authorization: OAuth realm="https://api.fitbit.com/oauth/request_token",oauth_callback=http%3A%2F%2Fwww.nonexistent.org,oauth_co...

 

Any obvious howlers? I'm sending this via a POST. Can I assume that I don't need a message body for a call to request_token?

Should I be wrapping my header value parameters in quotes (I think I tried it but you know how it is when you get stuck)

Any advice gratefully rxd.

Thanks

Tim

Best Answer
Labels:
0 Votes
1 BEST ANSWER

Accepted Solutions

‎06-18-2015 03:21

‎06-18-2015 03:21

SOLVED:

One of those blindingly obvious things -  the X-Authorisation header shouldn't have had the X- prefix.

One of the consequences of using code from the internet, but it still brought me to the end game quicker than I would have got there on my own, so I guess it's just one of those things.

If I could have closed this post so I didn't waste anyone's time, I would have.

View best answer in original post

Best Answer
0 Votes
1 REPLY 1

‎06-18-2015 03:21

‎06-18-2015 03:21

SOLVED:

One of those blindingly obvious things -  the X-Authorisation header shouldn't have had the X- prefix.

One of the consequences of using code from the internet, but it still brought me to the end game quicker than I would have got there on my own, so I guess it's just one of those things.

If I could have closed this post so I didn't waste anyone's time, I would have.

Best Answer
0 Votes