08-29-2015 16:22
- Mark as New
- Bookmark
- Subscribe
- Permalink
- Report this post

08-29-2015 16:22
- Mark as New
- Bookmark
- Subscribe
- Permalink
- Report this post
Hey all - does anyone have a working R script to access the API?
Everything I've got and research I've done to authenticate via oauth 1 or 2 seems broken using the httr package.
For oauth 2:
library(httr) app = '<OAuth 2.0 Client ID>' key <- '<Client (Consumer) Key>' secret <- '<Client (Consumer) Secret>' accessTokenURL <- 'https://api.fitbit.com/oauth2/token' authorizeURL <- 'https://www.fitbit.com/oauth2/authorize' fbr <- oauth_app(key,app,NULL) fitbit <- oauth_endpoint(NULL, authorizeURL,accessTokenURL) token <- oauth2.0_token(fitbit,fbr,scope='profile',as_header=TRUE, cache=FALSE)
When I check token$credentials I get the error message:
$errors $errors[[1]] $errors[[1]]$errorType [1] "oauth" $errors[[1]]$fieldName [1] "n/a" $errors[[1]]$message [1] "No Authorization header provided in the request. Each call to Fitbit API should be OAuth signed" $success [1] FALSE
I have tried all the misc settings in fitbit setting up my app, both as a server and a client, and I have my callback URL correctly set up as http://localhost:1410
I'm running in R Studio version 0.98.1102 and R
Any ideas?
Thanks,
Isaac
Current session info:
R version 3.1.2 (2014-10-31) Platform: x86_64-apple-darwin13.4.0 (64-bit) locale: [1] en_US.UTF-8/en_US.UTF-8/en_US.UTF-8/C/en_US.UTF-8/en_US.UTF-8 attached base packages: [1] stats graphics grDevices utils datasets methods base other attached packages: [1] httr_1.0.0 loaded via a namespace (and not attached): [1] curl_0.9.3 httpuv_1.3.2 jsonlite_0.9.14 R6_2.0.1 Rcpp_0.11.4 stringr_0.6.2 [7] tools_3.1.2
Answered! Go to the Best Answer.
Accepted Solutions
08-31-2015 09:45
- Mark as New
- Bookmark
- Subscribe
- Permalink
- Report this post

08-31-2015 09:45
- Mark as New
- Bookmark
- Subscribe
- Permalink
- Report this post
- Who Voted for this post?
Hi Isaac
I've also started looking at using the fitbit api using R. After about an hour I got oauth 1 to work but couldn't work out oauth 2. This works for me:
library(httr) token_url = 'https://api.fitbit.com/oauth/request_token' access_url = 'https://api.fitbit.com/oauth/access_token' auth_url = 'https://www.fitbit.com/oauth/authorize' key <- '<Client (Consumer) Key>' secret <- '<Client (Consumer) Secret>' myapp = oauth_app('data_access', key, secret) fb_ep = oauth_endpoint(token_url, auth_url, access_url) token = oauth1.0_token(fb_ep, myapp) gtoken = config(token = token) resp = GET('https://api.fitbit.com/1/user/-/sleep/date/today.json', gtoken) content(resp)
In my api application settings I have "OAuth 1.0 Application Type" set to "Browser".
Hope that helps.
Graham
Current session info:
R version 3.2.1 (2015-06-18) Platform: x86_64-apple-darwin13.4.0 (64-bit) Running under: OS X 10.9.5 (Mavericks) locale: [1] en_GB.UTF-8/en_GB.UTF-8/en_GB.UTF-8/C/en_GB.UTF-8/en_GB.UTF-8 attached base packages: [1] stats graphics grDevices utils datasets methods base other attached packages: [1] httr_1.0.0
08-31-2015 09:45
- Mark as New
- Bookmark
- Subscribe
- Permalink
- Report this post

08-31-2015 09:45
- Mark as New
- Bookmark
- Subscribe
- Permalink
- Report this post
- Who Voted for this post?
Hi Isaac
I've also started looking at using the fitbit api using R. After about an hour I got oauth 1 to work but couldn't work out oauth 2. This works for me:
library(httr) token_url = 'https://api.fitbit.com/oauth/request_token' access_url = 'https://api.fitbit.com/oauth/access_token' auth_url = 'https://www.fitbit.com/oauth/authorize' key <- '<Client (Consumer) Key>' secret <- '<Client (Consumer) Secret>' myapp = oauth_app('data_access', key, secret) fb_ep = oauth_endpoint(token_url, auth_url, access_url) token = oauth1.0_token(fb_ep, myapp) gtoken = config(token = token) resp = GET('https://api.fitbit.com/1/user/-/sleep/date/today.json', gtoken) content(resp)
In my api application settings I have "OAuth 1.0 Application Type" set to "Browser".
Hope that helps.
Graham
Current session info:
R version 3.2.1 (2015-06-18) Platform: x86_64-apple-darwin13.4.0 (64-bit) Running under: OS X 10.9.5 (Mavericks) locale: [1] en_GB.UTF-8/en_GB.UTF-8/en_GB.UTF-8/C/en_GB.UTF-8/en_GB.UTF-8 attached base packages: [1] stats graphics grDevices utils datasets methods base other attached packages: [1] httr_1.0.0
08-31-2015 18:01
- Mark as New
- Bookmark
- Subscribe
- Permalink
- Report this post

08-31-2015 18:01
- Mark as New
- Bookmark
- Subscribe
- Permalink
- Report this post
Works great! Thank you!

12-15-2015 06:01
- Mark as New
- Bookmark
- Subscribe
- Permalink
- Report this post

12-15-2015 06:01
- Mark as New
- Bookmark
- Subscribe
- Permalink
- Report this post
Have you been able to have any success using oauth2 and the httr package to access the API? If so can you share some code?
Thanks

12-23-2015 10:38
- Mark as New
- Bookmark
- Subscribe
- Permalink
- Report this post

12-23-2015 10:38
- Mark as New
- Bookmark
- Subscribe
- Permalink
- Report this post
Hi - I'm working on a linear model to see how activity correlates to weight and body fat % (collected using the fitbit aria scale).
I'm still collecting the data and writing the code, so nothing I'm ready to share yet.
Thanks,
Isaac

01-09-2016 11:45
- Mark as New
- Bookmark
- Subscribe
- Permalink
- Report this post

01-09-2016 11:45
- Mark as New
- Bookmark
- Subscribe
- Permalink
- Report this post
- Who Voted for this post?
Finally managed to get the API working using OAuth2.0 and httr. See here for example code:
http://stackoverflow.com/a/34697982/3887160
01-14-2016 09:09
- Mark as New
- Bookmark
- Subscribe
- Permalink
- Report this post

01-14-2016 09:09
- Mark as New
- Bookmark
- Subscribe
- Permalink
- Report this post
Hi everyone,
I was able to get this working in R but when I look at my content (getting heart rate data) I only have the variable `activities-heart` not intraday ones. Could you guys make it work? Does anyone one have some kinf of example on how to go further after content(resp)?
Thanks!
Renato Leal (Brazil)

01-14-2016 11:28 - edited 01-14-2016 11:30
- Mark as New
- Bookmark
- Subscribe
- Permalink
- Report this post

01-14-2016 11:28 - edited 01-14-2016 11:30
- Mark as New
- Bookmark
- Subscribe
- Permalink
- Report this post
This works for me (assuming you have already got a token):
library(jsonlite)
url <- "https://api.fitbit.com/1/user/-/activities/heart/date/2015-12-25/1d/1min.json" resp <- GET(url, config(token = fitbit_token)) hr <- fromJSON(content(resp, as = 'text'))
# Print parts of hr
hr$`activities-heart`$dateTime hr$`activities-heart-intraday`$dataset$time hr$`activities-heart-intraday`$dataset$value

01-14-2016 12:27
- Mark as New
- Bookmark
- Subscribe
- Permalink
- Report this post

01-14-2016 12:27
- Mark as New
- Bookmark
- Subscribe
- Permalink
- Report this post
Excellent. Works well. Thanks

01-14-2016 13:17 - edited 01-14-2016 13:25
- Mark as New
- Bookmark
- Subscribe
- Permalink
- Report this post

01-14-2016 13:17 - edited 01-14-2016 13:25
- Mark as New
- Bookmark
- Subscribe
- Permalink
- Report this post
Thanks for the answer. I checked and my app type was wrong so I couldn't get my intraday data.
Your code will help me a lot!

01-14-2016 13:39
- Mark as New
- Bookmark
- Subscribe
- Permalink
- Report this post

01-14-2016 13:39
- Mark as New
- Bookmark
- Subscribe
- Permalink
- Report this post
Is your Application type set to "Personal"? I think this is the only app type that can have access to intraday heart rate data.
Also, maybe Fitbit haven't granted you access to the intraday data. I think you do need to ask for it explicitly and it is granted per app so make sure you are using the app that they granted the permission on.
Failing that, I don't know. Could you be a vampire?

01-17-2016 08:21
- Mark as New
- Bookmark
- Subscribe
- Permalink
- Report this post

01-17-2016 08:21
- Mark as New
- Bookmark
- Subscribe
- Permalink
- Report this post
- Who Voted for this post?
I have managed to get this code working great. However after time I am getting the following error
resp <- GET(url = "https://api.fitbit.com/1/user/-/sleep/date/2015-10-10.json", + config(token = fitbit_token)) Auto-refreshing stale OAuth token. Error in refresh_oauth2.0(self$endpoint, self$app, self$credentials, self$params$user_params) : Unauthorized (HTTP 401).
I realize the OAuth2.0 token is only valid for one hour and there are ways to refresh the token. I have read through the documents and it is still not clear to me how to refresh the token using R. My current solution is to reset my ConsumerKey/Secret. This is obviously not optimal. Do you have suggestions.
Thanks
01-17-2016 13:52 - edited 05-22-2016 02:45
- Mark as New
- Bookmark
- Subscribe
- Permalink
- Report this post

01-17-2016 13:52 - edited 05-22-2016 02:45
- Mark as New
- Bookmark
- Subscribe
- Permalink
- Report this post
Hopefully this pull request will be merged into httr soon, which addresses this problem refreshing tokens. Once that happens, just re-download the dev version of httr.
2016-05-22 update: the pull request has now been merged.

04-10-2016 02:20
- Mark as New
- Bookmark
- Subscribe
- Permalink
- Report this post

04-10-2016 02:20
- Mark as New
- Bookmark
- Subscribe
- Permalink
- Report this post
Hello there,
does that code to obtain oauth2 token still work?
Just tried it and got error:
The app you're trying to connect did not provide valid information to Fitbit. Please report this issue to them.
Developer information: invalid_request - Invalid redirect_uri parameter value

04-10-2016 09:43
- Mark as New
- Bookmark
- Subscribe
- Permalink
- Report this post

04-10-2016 09:43
- Mark as New
- Bookmark
- Subscribe
- Permalink
- Report this post
You have to change the authorization URL to http://localhost:1410/ in the script and in your app.
I don't know how any one is getting that script to work because I cannot get it to work and Fitbit support is nearly non-existent. I'm stuck at an end_point auth error that is confounding me.

04-10-2016 12:13
- Mark as New
- Bookmark
- Subscribe
- Permalink
- Report this post

04-10-2016 12:13
- Mark as New
- Bookmark
- Subscribe
- Permalink
- Report this post
The script still works for me without any modifications (except setting your own key and secret).
Did you set the Callback URL to "http://localhost:1410" in your Application Settings?

04-10-2016 12:31
- Mark as New
- Bookmark
- Subscribe
- Permalink
- Report this post

04-10-2016 12:31
- Mark as New
- Bookmark
- Subscribe
- Permalink
- Report this post
Yeah -- totally. Check out the script on Git: https://github.com/wfio/fitbit/tree/master

04-10-2016 14:23
- Mark as New
- Bookmark
- Subscribe
- Permalink
- Report this post

04-10-2016 14:23
- Mark as New
- Bookmark
- Subscribe
- Permalink
- Report this post
wfio, I looked at your script on github and I think you've made a couple of unnecessary changes to the original script (changing the authorize parameter and also adding "user_params").
What happens if you copy and paste the original script and only replace your key and secret?

04-10-2016 15:26
- Mark as New
- Bookmark
- Subscribe
- Permalink
- Report this post

04-10-2016 15:26
- Mark as New
- Bookmark
- Subscribe
- Permalink
- Report this post
Heyo - thanks for sticking on and helping.
If I just use the script from SO and put in my client key and my secret the app will not authenticate. When it opens the browser window it throws this error: "The app you're trying to connect did not provide valid information to Fitbit. Please report this issue to them. Developer information: invalid_request - Invalid redirect_uri parameter value".
So, if I modify the script and change **only** the authorize URI in the script to http://localhost:1410/ and source the script it will authenticate (locally) and it opens the browser and prints "Authentication complete. Please close this page and return to R.". However, when I go back to the RStudio console the following error is present: "Error in init_oauth2.0(self$endpoint, self$app, scope = self$params$scope, :
Bad Request (HTTP 400)".
So, now, if I modify the script one step further to match what you see in Github (adding in user_params) then I still authenticate as above and I don't get the init_oath2.0 error AND the GET command works and downloads a JSON variable (resp).
Now, when I content(resp), I get the following error:
$errors
$errors[[1]]
$errors[[1]]$errorType
[1] "invalid_client"
$errors[[1]]$message
[1] "Invalid authorization header format. Visit https://dev.fitbit.com/docs/oauth2 for more information on the Fitbit Web API authorization process."
$success
[1] FALSE
Any help would be very much appreciated. I've read through the API docs for Authentication back and forwards.
Here is my RSession
> sessionInfo()
R version 3.2.4 Revised (2016-03-16 r70336)
Platform: x86_64-w64-mingw32/x64 (64-bit)
Running under: Windows 7 x64 (build 7601) Service Pack 1
locale:
[1] LC_COLLATE=English_United States.1252 LC_CTYPE=English_United States.1252
[3] LC_MONETARY=English_United States.1252 LC_NUMERIC=C
[5] LC_TIME=English_United States.1252
attached base packages:
[1] stats graphics grDevices utils datasets methods base
other attached packages:
[1] httr_1.1.0
loaded via a namespace (and not attached):
[1] R6_2.1.2 rsconnect_0.4.2.1 parallel_3.2.4 tools_3.2.4 curl_0.9.6
[6] Rcpp_0.12.4 xml2_0.1.2 jsonlite_0.9.19 httpuv_1.3.3 openssl_0.9.2

04-11-2016 05:15
- Mark as New
- Bookmark
- Subscribe
- Permalink
- Report this post

04-11-2016 05:15
- Mark as New
- Bookmark
- Subscribe
- Permalink
- Report this post
wfio, I'm pretty sure putting "http://localhost:1410/" in the authorize URL is only making it seem like you are getting further in the process. Checking the state of the fitbit_token after the call to oauth2.0_token will hopefully reveal that (I think you can look at fitbit_token$credentials).
Ultimately you do need authorize = "https://www.fitbit.com/oauth2/authorize" -- this is integral to the authorization process.
My guess is that there is something up with your application settings (on dev.fitbit.com), e.g. the Callback URI not matching the redirect_url. Maybe your version of httr is using a different redirect_url. You could try "http://127.0.0.1:1410" in the Callback URI app settings.

