i have registered my app in fitbit and i got client id ,secret key ,redirect url as goiven below

OAuth 2.0 Client ID

22DFL2

Client Secret

22db8fc2967f6a077aeeba4c8ed20037

Callback URL

https://secureone.anvayaa.com/testAnvayaaARS

when i login with my credentials its redirecting to the above url in the app but we are not getting any authentication code neither hitting open url in app-delegate  .i have also given url scheme  as redirect url .

may i know what is the exact problem ,Please help me. i am struck in this problem from many days

how to provide redirect url in /oauth2/authorize endpoint .can you explain it.

i have tried in OAuth 2.0 tutorial page  but  before when i clicked the link i got the code and token also ,but later on i did  not get the code i am getting as 

https://www.fitbit.com/oauth2/authorize?response_type=code&client_id=22D9RY&redirect_uri=samplebit%3...

Sorry, that page is following a different trail.

can you explain the problem please

Hi @kshilpa,

In the most recent /oauth2/authorize statement you provided, I see your redirect_uri is set to redirect_uri=samplebit://.  The redirect_uri needs to be an absolute URL.  Would you please change it to something like redirect_uri=samplebit://callback.

Hi thanks for reply

but tried doing in web adding  some part to url  its working fine in oAuth2.tutorial page but its not working in app ,code is coming but open url is not triggering. i think problem is with scheme url .

this is my  callback url https://samplebit://callback callback url .

what should be the url scheme ?

i have given as samplebit://callback in my app .Its not working please give reply as soon as possible

Hi,

How to verify the subscriber?

i have used this url  to verify a subscriber

GET https://yourapp.com/fitbit/webhook?verify=correctVerificationCode

https://samplebit.com/fitbit/webhook?verify=b5cd78e0342331260800cd18f192ff111e68eaedc5c35c30bedf62e091a80a6

but you are not successfully subscribed is coming

what is the process 

Hi @kshilpa

I'm sorry for my earlier typo.   My example redirect_uri should have been https://samplebit/callback.  This URL needs to be an entry point back into your application that would parse the URL and grab the authorization code embedded in the URL.   If https://samplebit/callback doesn't exist in your application, then the page should fail.

First, have you verified the subscriber endpoint, https://yourapp/fitbit/webhook, is accessible to the outside world?  If so, when you press the "Verify" button in dev.fitbit.com, Fitbit will send your subscriber endpoint 2 GET requests.  The first GET request will contain your verification code. Your application needs to reply with a 204 response.  The second GET request will contain an intentional invalid code. Your application needs to reply with a 404 response.

When you press the "Verify" button, Fitbit is going to send 2 GET requests to your subscriber endpoint

GET https://secureone.anvayaa.com/testAnvayaaARS?verify=<CorrectVerificationCode>

The verification code can be found under the "Verify" button.  Your application should to confirm the verification code is correct and respond to Fitbit with a 204

GET https://secureone.anvayaa.com/testAnvayaaARS?verify=<IncorrectVerificationCode>

Fitbit will intentional send an incorrect verification code.  Your application should confirm the verification code is incorrect and response to Fitbit with a 404

Is your application doing this?

Subscriber ID Verified at / Verification code Stats

subscriber is verified but no stats are availbale is shown.Means when subscriber logins in Fitbit from app than only endpoint url will be triggered?how will be the data format of steps changed ,heart rate etc.if many  subcribers login  end point url is same than how can the data be managed for each subscriber.

Fantastic!!  The next step is to create a subscription for one of the users that have authorized access to your application.  Here's the link to the docs: https://dev.fitbit.com/build/reference/web-api/subscriptions/#adding-a-subscription.  

An example of what this might look like for subscribing to the activities collection is

POST https://api.fitbit.com/1/user/-/activities/apiSubscriptions/320json

specifying the header X-Fitbit-Subscriber-Id set to the value of your subscriber Id (e.g. 1).

After the subscription has been created, when your user updates their activities data, your application should receive a webhook notification.  The subscriber stats value should increase.

I have given https://api.fitbit.com/1/user/-/activities/apiSubscriptions/AKCSS1.json post but i am gettig the reply as

given Header  X-Fitbit-Subscriber-Id:AKCSS1

{
"errors": [
{
"errorType": "system",
"fieldName": "n/a",
"message": "Authorization Error: Invalid authorization token type"
}
],
"success": false
}

what is the problem in the above process  .should  we send token in the  above url

Yes, you still need to provide the Authorization header and provider a Bearer token (access token)

can you tell me clearly what we should send in header and body, i am sending subscriber id and token in header.

what are the exact keys?

 I have tried this  url https://api.fitbit.com/1/user/4LTZBZ/activites/apiSubscriptions/AKCSS1.json

[{"key":"access_token","value":"eyJhbGciOiJIUzI1NiJ9.eyJhdWQiOiIyMkQ5UlkiLCJzdWIiOiI3N0JSUEgiLCJpc3MiOiJGaXRiaXQiLCJ0eXAiOiJhY2Nlc3NfdG9rZW4iLCJzY29wZXMiOiJyc29jIHJzZXQgcmFjdCBybG9jIHJ3ZWkgcmhyIHJudXQgcnBybyByc2xlIiwiZXhwIjoxNTUwMTUzOTkwLCJpYXQiOjE1NTAxMjUxOTB9.jO6kx3x67z-MQktXOkWwQ6rkWpmrxpDaAGcd0_efLng","description":""},{"key":"Authorization","value":"Basic c2hpbHBhLmtAeHJnY29uc3VsdGluZy5jb206aHlkZXJhYmFk","description":""},{"key":"Content-Type","value":"application/json","description":""}]

Response:

{"success":false,"errors":[{"errorType":"invalid_client","message":"Invalid authorization header. Client id invalid. Visit https://dev.fitbit.com/docs/oauth2 for more information on the Fitbit Web API authorization process."}]}

but it is showing invalid client id  .authorisation it is taking automatically when given credentials of fitbit account.what is the problem.

the document is not at all engough  to get successfull data

It's probably not a good idea to provide your tokens in the public forum.  You can private message those to me.

The syntax for adding a subscription should look similar to this

https://api.fitibt.com/1/user/<user-id>/activities/apiSubscription/<subscription-id>.json

And you'll need these headers

Authorization = Bearer <the user-id's access token>

X-Fitbit-Subscriber-Id = <subscriber-id>    [NOTE: Only needed if you have multiple subscribers.  Otherwise, we will use the default one]