03-28-2017 02:24
09-15-2017 08:09
09-15-2017 08:09
In one of my posts above I talked about the fact that using the same Fitbit account in both the production and the tests environments leads to this issue.
I keep investigating this issue and I just come to discover a simpler way to reproduce it. I just have to connect my application twice (or more) to the same Fitbit account. In this case, the access token keeps working while it is valid but it is not possible to obtain a new one using the refresh token. As soon as it expires we can no longer interact with the Fitbit API.
In our application, we synchronize some goals to the corresponding Fitbit activities, for instance the walk goal with the steps activities, the lose weight goal with the weight logs and so on... A user owning a Fitbit device will probably want to connect multiple goals to his Fitbit account. This is the reason this bug is very annoying for us.
Note that the access token is still valid as I said above, and we still receive subscriptions. Everything is normal except the refresh token that becomes invalid.
Could @AndrewFitbit, @DavidSFitbit or someone else at Fitbit have a look at this issue please?
Thanks in advance.
Kind regards.
09-26-2017 07:28
09-26-2017 07:28
Like gmdev, I was able to reproduce this by connecting the same device to multiple accounts.
This is also problematic for us since our customers sometimes have multiple accounts through different channels and legitimately want to connect their Fitbit to both accounts. We have no way to link the accounts and no way to see if a given Fitbit account is already connected. Therefore, we can't even warn the user their first account will break.
09-27-2017 02:58
09-27-2017 02:58
I was, also, able to reproduce this by connecting an account our production and developer services.
09-27-2017 17:55
09-27-2017 17:55
Maybe this is related to the issue I am having.
I can authorize no problem. But renewal works the first time(I don't think i get a new refresh token) then doesn't work the 2nd time. Which from reading these forms perhaps that is how it is suppose to work. But how do I keep a token for constant access?
Also I tested it further and I reauthorized fully, then waited 15 mins and it looks like the refresh token stops working.
I got everything working except I need to reauthorize everyday to spite saving the refresh token, an daccess token on each authorization or refresh. Would love any suggestion you guys might have.
09-27-2017 18:45
09-27-2017 18:45
@MattJDavisIt sounds like you're not saving the new refresh token. Each time you authorize, you are given a new refresh token (along with the authorization token) and the old one is no longer valid.
09-27-2017 22:36
09-27-2017 22:36
hmm I'm pretty sure I am, and I've also compared them from authorization to refresh, to mulptiple refresh. But alas perhaps I missed it and I could be wrong. I'll double check again tommorow. Thanks.
09-27-2017 22:37
09-27-2017 22:37
@rossiam will a refresh token work after a accesstoken is expired?
10-06-2017 00:23
10-06-2017 00:23
We have the same experience as other users in this thread.
Without editing the code in months, in the last weeks more users get disconnected then before.
It looks to happen randomly and even happened to my own user, without me doing anything / revoking my connection.
1) I didn't connect twice with the same Fitbit account
2) I didn't revoke the connection
3) Refreshing the token works most of the time, so it's not always a problem.
Is this issue still getting investigated by Fitbit? Or is there a workaround for this problem?
10-06-2017 14:32
10-06-2017 14:32
The Fitbit team has been investigating this problem and identified some possible causes. Currently, we are working on the fixes and the changes to make the system more robust.
10-10-2017 19:18
10-10-2017 19:18
We are also facing this issue. The users token was refreshed at 2017-10-10T22:05:35.503021867Z.
At 2017-10-10T23:20:59.654630244Z, we used this token token for refreshing the access token and it said it was invalid
{"log":"Connection to Fitbit failed with the following error: {\"errors\":[{\"errorType\":\"invalid_grant\",\"message\":\"Refresh token invalid:. Visit https://dev.fitbit.com/docs/oauth2 for more information on the Fitbit Web API authorization process.\"}],\"success\":false}\n","stream":"stdout","time":"2017-10-10T23:20:59.654630244Z"}.
This was done for testing, we do not refresh the access token so often. We do it post the expiry time.
10-10-2017 19:43
10-10-2017 19:43
I get this pretty constantly. I've tested it on a friends commercial account and it worked perfectly. But then invalid grants regularly on my personal. I sent in a support request and was told its not an issue they monitor it. Feels like they want us to be forsex into commercial or human api
11-06-2017 07:56
11-06-2017 14:31
11-06-2017 14:31
Hello @gmdev,
As mentioned before possible causes and fixes are investigated. The team is very close to complete the first fix.
It will be announced here as soon as it gets pushed.
Thanks
03-06-2018 08:43
03-06-2018 08:43
can you give us an update on this?
03-08-2018 14:41
03-08-2018 14:41
This should be fixed by now.
08-29-2018 04:25
08-29-2018 04:25
I seem to be facing this issue recently. I'm not sure how to resolve this. Can you please help us out with this?
09-18-2018 11:47
09-18-2018 11:47
"If that user authorizes themselves again as a new user in your system, but uses the same fitbit account credentials, the old authorization will become invalidated."
From: https://community.fitbit.com/t5/Web-API-Development/Web-API-Q-s/m-p/1062550/highlight/false#M4026