help menu

Join us on the Community Forums!

  • Community Guidelines

    The Fitbit Community is a gathering place for real people who wish to exchange ideas, solutions, tips, techniques, and insight about the Fitbit products and services they love. By joining our Community, you agree to uphold these guidelines, so please take a moment to look them over.

  • Learn the Basics

    Check out our Frequently Asked Questions page for information on Community features, and tips to make the most of your time here.

  • Join the Community!

    Join an existing conversation, or start a new thread to ask your question. Creating your account is completely free, and takes about a minute.

Not finding your answer on the Community Forums?

Cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 

insufficient_permissions when writing weight

ANSWERED

‎08-09-2024 01:30

‎08-09-2024 01:30

I'm writing a python script to collect and write some data to fitbit. I don't have a smart scale so I just want to add my weight daily to fitbit (and also strava and wahoo). I created a "personal" application. And when requesting the tokens, I used 'scope': 'activity heartrate profile sleep weight'. I'm able to read the user data like name etc.

    headers = {
                'Authorization': f'Bearer {fitbit_access_token}',
                'accept': 'application/json'
            }

    # urlDict["user"] = https://api.fitbit.com/1/user/-/profile.json
    response = requests.get(urlDict["user"], headers=headers, timeout=10)

However when I want to write my weight, using this code:

    today = datetime.now().strftime('%Y-%m-%d')
    data = {
        'weight': weight,
        'date': today
    }
    content_length = len(str(data))
    headers = {
                'Authorization': f'Bearer {fitbit_access_token}',
                'accept': 'application/json',
                'content-length': str(content_length)
            }
    response = requests.post(urlDict["set_weight"], data=data, headers=headers, timeout=10)

I receive the following error:

[{'errorType': 'insufficient_permissions', 'message': 'Read-only API client is not authorized to update resources. Visit https://dev.fitbit.com/docs/oauth2 for more information on the Fitbit Web API authorization process.'}]

What permissions am I missing? Or is it because this is a "personal" application type, that I can't write anything? 

I tried checking the introspect url, but I can't get that to work:

url = 'https://api.fitbit.com/1.1/oauth2/introspect'
    headers = {
                'Authorization': f'Bearer {fitbit_access_token}',
                'Content-Type': 'application/x-www-form-urlencoded'
            }
    data = {
        'Token':f'{fitbit_access_token}'
    }
    response = requests.post(url, data=data, headers=headers, timeout=10)

{'errors': ['RpcInvalidParametersException(errors:[InvalidParameterError(message:Token parameter is missing. Visit https://dev.fitbit.com/docs/oauth2 for more information on the Fitbit Web API authorization process.)], message:Invalid request parameters)']}

 

Best Answer
Labels:
0 Votes
1 BEST ANSWER

Accepted Solutions

‎08-09-2024 06:34

In response to GabesScript

‎08-09-2024 06:34

It's in the same place where you select the OAuth application type (client/server/personal). Go to https://dev.fitbit.com/apps -> select your app -> edit application settings -> Default Access Type -> Read & Write

View best answer in original post

Best Answer
0 Votes
6 REPLIES 6

‎08-09-2024 06:03

‎08-09-2024 06:03

Solved the introspect part. It should've been lowercase 😞 Although the docs says "Token=" it should be "token=".

But I now get as response: 
```'scope': '{PROFILE=READ, WEIGHT=READ, HEARTRATE=READ, SLEEP=READ, ACTIVITY=READ}'```
How can I request write permissions?

Best Answer
0 Votes

‎08-09-2024 06:34

In response to GabesScript

‎08-09-2024 06:34

It's in the same place where you select the OAuth application type (client/server/personal). Go to https://dev.fitbit.com/apps -> select your app -> edit application settings -> Default Access Type -> Read & Write

Best Answer
0 Votes

‎08-09-2024 10:00

In response to jl__

‎08-09-2024 10:00

Aaaah thank you. I thought I needed the scopes for that. It now works!

Best Answer
0 Votes

‎08-13-2024 07:11

In response to GabesScript

‎08-13-2024 07:11

@jl__ ...thank you for helping out.

Hi @GabesScript ... would you please point where in the documentation that the introspect endpoint uses a capital T for the token variable?   I'm looking at our documentation and we have it lower case.   If there is a typo, I would like to correct it.

Gordon Crenshaw
Senior Technical Solutions Consultant
Fitbit Partner Engineering & Web API Support | Google
Best Answer
0 Votes

‎08-13-2024 10:50

In response to Gordon-C

‎08-13-2024 10:50

Hi,
I can't find it anymore and I think I was looking at the link you're referring to. I guess while trying many different formats to get my python code working I mixed up the instructions, but the link seems with correct caps. Sorry for that.

And thank you for reaching out in your effort to get the documentation quality high. Wish more companies would do that 🙂

Again, sorry for the mistake.

Best Answer
0 Votes

‎09-17-2024 03:19 - edited ‎09-17-2024 21:56

In response to jl__

‎09-17-2024 03:19 - edited ‎09-17-2024 21:56

I had the same issue with insufficient permissions when trying to write weight data. After some trial and error, I found that it's often a problem with the app permissions or a mismatch in API setup. Double-check that your API is set up correctly, and that all permissions are granted for the specific endpoints you're accessing. If you're working on multiple projects like health apps, you might find some tasks overwhelming. That's why I've been using services like https://www.masterpapers.com/ to help with documentation when I'm short on time. It’s a game-changer, especially when you need to focus on coding or API troubleshooting.

Best Answer
0 Votes