02-05-2020 14:51 - edited 02-05-2020 15:26
02-05-2020 14:51 - edited 02-05-2020 15:26
Hello,
I have a simple question.
After the user gives my app permission to access Fitbit data.
I retrieved the access token successfully. 🙂
What is the next step?
Should I save the (Access token) for every user in my database? or is it preferable to save it in the shared preferences?
I think it should be saved in a secure place, but I don't know what is the best way to do this.
Note :
I want to access the user data from server-side code also, so in this case, should I save it in DB?
to summarize: I will get the access token using my Android App, & I want to use the access token for both sides ( server and client side ).
Thank you for your time.
#Android #Java #WebAPI #Fitbit
Answered! Go to the Best Answer.
02-07-2020 13:56
02-07-2020 13:56
Hi @Ria2,
Welcome to the forums!
It depends on which authorization flow you chose.
I hope this helps. Please let me know if you have any additional questions.
02-07-2020 13:56
02-07-2020 13:56
Hi @Ria2,
Welcome to the forums!
It depends on which authorization flow you chose.
I hope this helps. Please let me know if you have any additional questions.
02-07-2020 16:06
02-07-2020 16:06
Okay Thank you , this is almost the perfecr answer! Very useful:-)
But i still have simple inquery, when i save the access key (which retrieved by Implicit Grant flow ), should I save it in an encoded form?
02-10-2020 16:59
02-10-2020 16:59
@Ria2 The access token you receive through the implicit grant flow is already encoded when you receive it. If you'd like to see them decoded, you can use https://jwt.io/.
07-17-2022 02:15
07-17-2022 02:15
I have a question, too. I'm building a server-side application that allows users access via web browsers. I can save the access token for every user. But when a user visit, I can't know which user he is. Is there a way to tackle this?