help menu

Join us on the Community Forums!

  • Community Guidelines

    The Fitbit Community is a gathering place for real people who wish to exchange ideas, solutions, tips, techniques, and insight about the Fitbit products and services they love. By joining our Community, you agree to uphold these guidelines, so please take a moment to look them over.

  • Learn the Basics

    Check out our Frequently Asked Questions page for information on Community features, and tips to make the most of your time here.

  • Join the Community!

    Join an existing conversation, or start a new thread to ask your question. Creating your account is completely free, and takes about a minute.

Not finding your answer on the Community Forums?

Cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

domain redirection has been confirmed

‎04-10-2017 01:17

‎04-10-2017 01:17

Dear Sir or Madam

 

This is Mr.Murakami of Neos Corp.

 

Our "Renobody" iOS app allows limited domain access only and allows "Fitbit.com" when using your API.
However, the following domain redirection has been confirmed from the most recent authentication screen.
(hen, we couldn't access to the authentication screen.)
cloudfront
fls.doubleclick.net


We would like to ask for one or more of the following to resolve the issue.
1. Stop redirection from the authentication screen
OR
2. Disclose domains that may redirect from the authentication screen

 

Sincerely

Best Answer
Labels:
0 Votes
3 REPLIES 3

‎04-14-2017 08:34 - edited ‎04-14-2017 08:37

‎04-14-2017 08:34 - edited ‎04-14-2017 08:37

renobody,

To better understand where redirection is happening, could you please post here the url for the [authentication screen] that you talk about in your post. Feel free to replace any security related data in it. 

Could you also please PM to me you app id?

 

If you can post steps to reproduce here it would be delightful, as we can try following these steps to reproduce it on our end and be able to debug the issue.

Best Answer
0 Votes

‎04-17-2017 18:49

In response to IoanbsuFitbit

‎04-17-2017 18:49 

Service
 Renobody  App ID:2294P2

Current Status
  When we access below URL from Renobody App to authenticate
    https://www.fitbit.com/oauth2/authorize

  Then a domain other than the Fitbit service is detected at that time, 
  it becomes a browser start to display that page
  * in Renobody, domains other than "Fitbit.com" and "Api.fitbit.com" do not allow access.

  Detected URL are below
    https://4272175.fls.doubleclick.net/activity
    https://20766817p.rfihub.com/ca.html
    https://staticxx.facebook.com/connect/xd_arbiter/r/_dMxoUH0Bax.js

How to Replay
  1. iOS Renobody app DL from Apple store
  2. Register (required User name, e-mail address, and PW)
  3. Setting
  4. Select fitbit device and setting
  5. Then, launch Safari and direct to below URL
       https://4272175.fls.doubleclick.net
Best Answer
0 Votes

‎04-27-2017 23:05

In response to IoanbsuFitbit

‎04-27-2017 23:05

Thank you for your reply We will inform you of URL details.

 

https : //www.fitbit.com/oauth2/authorize?scope=activity%20heartrate%20location%20nutrition%20profile%20settin...

Best Answer
0 Votes