Cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Trouble with OAuth 2.0 Tutorial

ANSWERED

I was hoping to get assistance in troubleshooting OAuth 2.0 access. I can't get the tutorial to work, and it seems that no matter what wrapper I use to get a token, I get the same errors. On the OAuth 2.0 tutorial page, I am selecting Authorization Code Flow, entering my client ID, client secret,  redirect URI, and scopes. I click on the link and copy the code after pressing allow. 

 

The Curl statement does not seem to work when I Hurl.It .   Could someone please help me figure out what I'm doing wrong? Here is an example from one of my test applications.

 

curl -X POST -i -H 'Authorization: Basic MjI4MzdWOjJiMzA4MDJkNzg5ZmVhNGNiZTk0YzEzZWY3NGQ1OWUw' -H 'Content-Type: application/x-www-form-urlencoded' -d "clientId=22837V" -d "grant_type=authorization_code" -d "redirect_uri=http%3A%2F%2Flocalhost" -d "code=ae57c13b25d8ef696b2529835c7fadb9dbe12d40" https://api.fitbit.com/oauth2/token

Per Hurl.It, the request is as follows:

HEADERS

Accept: */*
Accept-Encoding: gzip, deflate
Content-Length: 133
Content-Type: application/x-www-form-urlencoded
User-Agent: runscope/0.1

PARAMETERS

clientId: 22837V
code: ae57c13b25d8ef696b2529835c7fadb9dbe12d40
grant_type: authorization_code
redirect_uri: http%3A%2F%2Flocalhost

BODY 

redirect_uri=http%253A%252F%252Flocalhost&code=ae57c13b25d8ef696b2529835c7fadb9dbe12d40&grant_type=authorization_code&clientId=22837V

And the response I get is:

HEADERS

Cache-Control: no-cache, private
Cf-Ray: 2f2d37fa6f81569f-IAD
Connection: keep-alive
Content-Encoding: gzip
Content-Language: en-US
Content-Type: application/json;charset=utf-8
Date: Sun, 16 Oct 2016 17:26:56 GMT
Server: cloudflare-nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Www-Authenticate: Bearer realm="api.fitbit.com"
X-Frame-Options: SAMEORIGIN

BODY

{
"errors": [
{
"errorType": "invalid_client",
"message": "Invalid authorization header format. Visit https://dev.fitbit.com/docs/oauth2 for more information on the Fitbit Web API authorization process."
}
],
"success": false
}

Any ideas as to what I'm doing wrong? Thanks so much in advance!

Best Answer
0 Votes
1 BEST ANSWER

Accepted Solutions

@bretzelpretzel This is how I did it, and it worked fine for me.

 

Screen Shot 2016-10-20 at 3.47.07 PM.png

Andrew | Community Moderator, Fitbit

What motivates you?

View best answer in original post

Best Answer
2 REPLIES 2

@bretzelpretzel This is how I did it, and it worked fine for me.

 

Screen Shot 2016-10-20 at 3.47.07 PM.png

Andrew | Community Moderator, Fitbit

What motivates you?

Best Answer

thanx.. This helps me a lot. 🙂

Best Answer
0 Votes