invalid_grant error when requesting for oauth2 token

Hello!

I was able to access the access_token last week, but since yesterday, even with a new authorisation code, I still keep getting

{
"errors": [
{
"errorType": "invalid_grant",
"message": "Authorization code invalid: 3D68e6124cc72f5d42f4b8ec98a358c642cfc7f4b0 Visit https://dev.fitbit.com/docs/oauth2 for more information on the Fitbit Web API authorization process."
}
],
"success": false
}

Here are some more details in order to check on your side:

- client_id: 238JKX

- code_verifier: 01234567890123456789012345678901234567890123456789

- code_challenge: -4cf-Mzo_qg9-uq0F4QwWhRh4AjcAqNx7SbYVsdmyQM

Using the same codes from the example shared here: https://dev.fitbit.com/build/reference/web-api/developer-guide/authorization/

I am still able to get a new authorisation code with this request:

https://www.fitbit.com/oauth2/authorize?client_id=238JKX&response_type=code
&code_challenge=-4cf-Mzo_qg9-uq0F4QwWhRh4AjcAqNx7SbYVsdmyQM&code_challenge_method=S256
&scope=activity%20heartrate%20nutrition%20oxygen_saturation
%20respiratory_rate%20settings%20sleep%20temperature%20weight

But even with a new code I keep getting the invalid_grant error. Can you please help me understand the reason?

2 REPLIES

Hi @youbs

I recommend you change your code verifier and challenge since this is a public forum.

It sounds like there is some confusion about how the authorization process works. Once you've used the authorization code to obtain the access token and refresh token, that authorization code becomes invalid. When the access token expires after 8 hours, you'll use the refresh token to obtain a new access token and refresh token pair for that user. You'll continue with this process of exchanging the refresh token for a new access token / refresh token pair until you or your participants revoke consent.

See Using Tokens Effectively for more details.

Gordon Crenshaw
Senior Technical Solutions Consultant
Fitbit Partner Engineering & Web API Support | Google
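
The lifecycle described in the reply above, as an added example that is not part of the original thread and not Fitbit's code: a constructed in-memory token endpoint (`ToyAuthServer` and every helper name here are hypothetical) that accepts an authorization code once, checks the PKCE S256 challenge, and issues a new pair on refresh after the 8-hour expiry. It assumes the old refresh token is retired on each refresh, and it generates a fresh random verifier per authorization request instead of reusing a published sample value.

```python
import base64, hashlib, secrets

def s256(verifier: str) -> str:
    """PKCE S256: base64url(SHA-256(verifier)) without '=' padding (RFC 7636)."""
    digest = hashlib.sha256(verifier.encode("ascii")).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode()

class InvalidGrant(Exception):
    """Stands in for the server's invalid_grant error response."""

class ToyAuthServer:
    """Constructed in-memory stand-in for a token endpoint."""
    ACCESS_TTL = 8 * 3600  # access-token lifetime stated in the reply above

    def __init__(self):
        self.codes = {}            # authorization code -> code_challenge
        self.live_refresh = set()  # refresh tokens that are still valid

    def authorize(self, code_challenge: str) -> str:
        code = secrets.token_hex(20)
        self.codes[code] = code_challenge
        return code

    def _issue(self, now: float) -> dict:
        rt = secrets.token_hex(32)
        self.live_refresh.add(rt)
        return {"access_token": secrets.token_hex(32), "refresh_token": rt,
                "expires_at": now + self.ACCESS_TTL}

    def exchange_code(self, code: str, verifier: str, now: float) -> dict:
        challenge = self.codes.pop(code, None)  # pop: a code works only once
        if challenge is None or not secrets.compare_digest(challenge, s256(verifier)):
            raise InvalidGrant("Authorization code invalid")
        return self._issue(now)

    def refresh_token(self, rt: str, now: float) -> dict:
        if rt not in self.live_refresh:
            raise InvalidGrant("Refresh token invalid")
        self.live_refresh.discard(rt)  # assumption: old refresh token is retired
        return self._issue(now)

def get_access_token(server, tokens: dict, now: float) -> dict:
    # Client side: reuse the stored pair and refresh only once it has expired.
    if now >= tokens["expires_at"]:
        tokens = server.refresh_token(tokens["refresh_token"], now)
    return tokens

def new_pkce_pair() -> tuple:
    verifier = secrets.token_urlsafe(64)  # 86 chars, within RFC 7636's 43-128
    return verifier, s256(verifier)
```

The client has to persist the latest pair returned by `get_access_token`; going back to the authorization code or to an earlier refresh token raises `InvalidGrant` in this model.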

Hello @Gordon-C, thanks for replying!

Yes, I understand that, and that's the exact same way I was trying to get the access token again. I was able to access it last week without any issues, but for some unknown reason it was not working yesterday at all. Then I followed the oauth2 tutorial page and managed to get a token for my new application with the personal token type. I don't exactly have a reason, but that was the behaviour observed yesterday.

Thanks!
