I'm trying to get an application running that was last running about a year ago, using the fitbit oauth2 APIs. I've been fighting bitrot in the javascript libraries we were using, and now that it's doing *something*, it's getting stuck at:

"This page is no longer valid. It looks like you provided an invalid token or someone already used the token you provided. Please return to the site or application which sent you to this page and try again."

This is when attempting to authorize. The URL it's hitting is:

https://www.fitbit.com/oauth/authorize?redirect_uri=http%3A%2F%2Fcentral.corperformance.co.uk%3A3000...

I'm not really sure what the problem is. The client_id is the ID of our application, and to the best of my knowledge, the redirect url and client id match what is in the fitbit application that I've registered.