07-04-2023 03:13
07-04-2023 03:13
Hello there,
I want to fetch health data using Fit bit API. After authentication from app side, What is the right procedure to fetch or call health API. Should it be implemented on server side or It should be directly called from App side? Kindly provide overall right procedure to implement fit bit API.
Thanks and regards
07-05-2023 12:32
07-05-2023 12:32
The recommendations we make are going to be security focused. We support both client and server architectures. Where the API calls are called is really up to you and your application architecture. Server-based architectures can provide additional security while communicating via a web service. See Application Types. But there is nothing preventing you from allowing your client to make the API calls and store the data until the user opens a connection with your server to pass the data through. For both architectures, we recommend using Authorization Code Grant Flow with PKCE. This is the most secure OAuth2 authorization mechanism we support.
Gordon
08-16-2023 01:33
08-16-2023 01:33
Hii, @chetananikam
Your server sends authorized API requests to Fitbit on behalf of the user. Fetch health data such as steps, heart rate, etc. And develop a server-side component (backend) that securely stores access tokens. This component communicates with the Fitbit API using the tokens.