01-11-2019 17:28 - edited 01-11-2019 17:31
- Mark as New
- Bookmark
- Subscribe
- Permalink
- Report this post

01-11-2019 17:28 - edited 01-11-2019 17:31
- Mark as New
- Bookmark
- Subscribe
- Permalink
- Report this post
I am using Implicit Grant Flow and trying to log out Fitbit user from my app by revoking tokens. I attempted to make a POST request to this endpoint:
https://api.fitbit.com/oauth2/revoke
..and passed in the base64 string of my client id and secret as shown in the documentation:
Authorization: "Basic [my base64 string here]"
But I keep getting a 400 error that reads "Missing "token" parameter or token empty..."
I have the access token, not sure if it needs to be passed to the header? Postman shows the same error. Appreciate any help!
01-13-2019 12:07
- Mark as New
- Bookmark
- Subscribe
- Permalink
- Report this post



01-13-2019 12:07
- Mark as New
- Bookmark
- Subscribe
- Permalink
- Report this post
Hi @djyoo
Try passing the access token as a parameter to the API call.
https://dev.fitbit.com/build/reference/web-api/oauth2/#revoking-tokens
Gordon
Senior Technical Solutions Consultant
Fitbit Partner Engineering & Web API Support | Google

