help menu

Join us on the Community Forums!

  • Community Guidelines

    The Fitbit Community is a gathering place for real people who wish to exchange ideas, solutions, tips, techniques, and insight about the Fitbit products and services they love. By joining our Community, you agree to uphold these guidelines, so please take a moment to look them over.

  • Learn the Basics

    Check out our Frequently Asked Questions page for information on Community features, and tips to make the most of your time here.

  • Join the Community!

    Join an existing conversation, or start a new thread to ask your question. Creating your account is completely free, and takes about a minute.

Not finding your answer on the Community Forums?

Cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

User Authorization & Scopes

ANSWERED

‎11-16-2021 10:34

‎11-16-2021 10:34

When a user authorizes their Fitbit on the authorization page, they are given the opportunity to select (or not) checkboxes for various scopes. Once they do that and submit, is there anywhere in the Fitbit app or device that the user can modify those selections? Example: If the user later decides they don't want to share "sleep" data.

  • If so, do we get any notification of that activity?
  • If not, I assume that means the user would have to disconnect and reauthorize for our application to see the selections again.

Thanks,
Jeff

Best Answer
Labels:
0 Votes
1 BEST ANSWER

Accepted Solutions

‎11-16-2021 12:51

‎11-16-2021 12:51

Hi @Jeff_New_Ocean 

 

The only way for a user to change the scopes they authorized is to go through the authorization flow again.   You can have the user revoke consent and reauthorize your application, but I don't think that is necessary.   My recommendation is to have a button or link in your application that states something like "Change scopes".   Then send the user through the authorization process again making certain to specify the parameter "prompt=consent".  See Authorize URL.  This should present the scopes page to the user so they can make adjustments.

Gordon Crenshaw
Senior Technical Solutions Consultant
Fitbit Partner Engineering & Web API Support | Google

View best answer in original post

Best Answer
2 REPLIES 2

‎11-16-2021 12:51

‎11-16-2021 12:51

Hi @Jeff_New_Ocean 

 

The only way for a user to change the scopes they authorized is to go through the authorization flow again.   You can have the user revoke consent and reauthorize your application, but I don't think that is necessary.   My recommendation is to have a button or link in your application that states something like "Change scopes".   Then send the user through the authorization process again making certain to specify the parameter "prompt=consent".  See Authorize URL.  This should present the scopes page to the user so they can make adjustments.

Gordon Crenshaw
Senior Technical Solutions Consultant
Fitbit Partner Engineering & Web API Support | Google
Best Answer

‎11-16-2021 12:58

In response to Gordon-C

‎11-16-2021 12:58

Thanks @Gordon-C that was super fast!

 

We currently do have the app set up so that if the user is "connected" they can disconnect or refresh.

Jeff_New_Ocean_0-1637096227012.png

I just was confirming if there was a hole where they might be able to change authorized scopes on your end where we would be unaware (and we would get authorization errors). But it sounds like there is not!

 

Thanks,
Jeff

Best Answer
0 Votes