oAuth2 upgrading questions

brettr · ‎10-14-2015

Does moving from 1.0 to 2.0 require a rework of logic in our app?

It looks like we need to do a one-time call to get user only refresh tokens. How do we detect if this has already occurred so we don't keep doing the refresh?

Once we get refresh tokens, we should replace the curent users tokens with them?

Do we keep our app tokens that are being used now?

We should submit a POST to this URL: https://api.fitbit.com/oauth2/token?grant_type=refresh_token&refresh_token=abcdef01234567890abcdef01... existing token secret]

Thanks,

Brett

JeremiahFitbit · ‎10-15-2015

@brettr wrote:

Does moving from 1.0 to 2.0 require a rework of logic in our app?

Yes, in a few ways:

If you're not using JSON responses, then you'll need to migrate away from XML.
Read about the differences regarding token expiry in the OAuth 2.0 announcement.

brettr wrote:

It looks like we need to do a one-time call to get user only refresh tokens. How do we detect if this has already occurred so we don't keep doing the refresh?

That's up to you. In one of our own apps, we created two new columns (oauth2_access_token, oauth2_refresh_token) in our existing credentials table, retrieved the upgraded tokens, saved them in the new columns, tested an updated version of our app that made OAuth 2.0 requests, and then released the updated app.

Join us on the Community Forums!

Community Guidelines

Learn the Basics

Join the Community!

Not finding your answer on the Community Forums?

Go to the Help Site

Contact Support

oAuth2 upgrading questions

brettr

JeremiahFitbit