Hello,

Some time ago I created a small application that I run on my laptop for personal use (after analyzing some traffic from the web client) that would obtain a token[1] and then use that token to read my heart data [2]. That program used to work for some time (I wast checked in August) and now it results in `{"errors":[{"errorType":"insufficient_permissions","message":"API client is not authorized by Fitbit to access the resource requested. Visit https://dev.fitbit.com/docs/oauth2 for more information on the Fitbit Web API authorization process."}],"success":false}` when I try to execute [2]. Note that in the token I have ` "scopes": "whr",`, which seems fine to me.

Is this something that can still be done and how could I fix my program if this is the case? I have noticed that I can download all my data from fitbit, but it's manual process and I can not request heart data from only a specific period of time, which is a waste of resources.

Thank you in advance!

[1]: `curl 'https://api.fitbit.com/oauth2/token' -H 'Accept: application/json, text/javascript, */*; q=0.01' -H 'Content-Type: application/x-www-form-urlencoded' --data 'grant_type=password&username=<username>&password=<password>&client_id=228TQF&access_token=on&scope=heartrate'`
[2]: ` curl 'https://api.fitbit.com/1/user/7KBQ9L/activities/heart/date/2019-07-06/1d/1min/time/00:00/07:00.json' -H 'User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0' -H 'Accept: application/json, text/javascript, */*; q=0.01' -H 'Accept-Language: METRIC' --compressed -H 'Referer: https://www.fitbit.com/' -H 'Authorization: Bearer <token>' -H 'Origin: https://www.fitbit.com' -H 'Connection: keep-alive' -H 'TE: Trailers'`