07-17-2022 19:54
- Mark as New
- Bookmark
- Subscribe
- Permalink
- Report this post

07-17-2022 19:54
- Mark as New
- Bookmark
- Subscribe
- Permalink
- Report this post
Hi there,
With PKCE, I can successfully use the retrieved token reponse's accessToken to directly query the api by using the default dash "-" in the endpoint url for [user-id]
(e.g. /1/user/-/activities/date/[date].json)
but the token response itself doesn't return the actual user-id.
Example response logged:
TokenResponse {
"accessToken": "--------------accesstokenhere-----------------",
"expiresIn": 28800,
"idToken": undefined,
"issuedAt": 1658111883,
"refreshToken": "--------------refreshtokenhere-----------------",
"scope": "sleep activity nutrition",
"state": undefined,
"tokenType": "Bearer",
}
Any idea how I can actually get the user-id after auth?
The docs state that user-id is returned in the token response, but at least for Authorization Code Grant Flow with PKCE method, i'm not getting it.
Appreciate any help you can provide - thanks!
Answered! Go to the Best Answer.
Accepted Solutions
07-19-2022 13:20
- Mark as New
- Bookmark
- Subscribe
- Permalink
- Report this post



07-19-2022 13:20
- Mark as New
- Bookmark
- Subscribe
- Permalink
- Report this post
Hi @streak1
The token response you provided doesn't match what is in the documentation. It's possible the response you're seeing is generated by the OAuth 2.0 libraries that you're using. Which library are you using?
Gordon
Senior Technical Solutions Consultant
Fitbit Partner Engineering & Web API Support | Google

07-19-2022 13:20
- Mark as New
- Bookmark
- Subscribe
- Permalink
- Report this post



07-19-2022 13:20
- Mark as New
- Bookmark
- Subscribe
- Permalink
- Report this post
Hi @streak1
The token response you provided doesn't match what is in the documentation. It's possible the response you're seeing is generated by the OAuth 2.0 libraries that you're using. Which library are you using?
Gordon
Senior Technical Solutions Consultant
Fitbit Partner Engineering & Web API Support | Google

07-19-2022 18:03 - edited 07-19-2022 18:04
- Mark as New
- Bookmark
- Subscribe
- Permalink
- Report this post

07-19-2022 18:03 - edited 07-19-2022 18:04
- Mark as New
- Bookmark
- Subscribe
- Permalink
- Report this post
Hey @Gordon-C
Thanks so much for getting back.
I'm using Expo's AuthSession API - https://docs.expo.dev/versions/latest/sdk/auth-session/
import { makeRedirectUri, useAuthRequest, exchangeCodeAsync } from 'expo-auth-session';
They actually have a specific example for authentication with fitbit services, so i'm surprised if that was the case.
https://docs.expo.dev/guides/authentication/#fitbit
My current workaround is to create a subscription with the token and the response returns the user-id (as ownerId), but I'll give an alternative auth library a try when I can to verify this.
My only concern is whether documentation is not reflecting what's actually being returned by the fitbit API (e.g. https://community.fitbit.com/t5/Web-API-Development/PKCE-and-client-secret/td-p/2807797) - not saying this is the case, but that was why I was asking here.
Thank you!

07-21-2022 01:56
- Mark as New
- Bookmark
- Subscribe
- Permalink
- Report this post

07-21-2022 01:56
- Mark as New
- Bookmark
- Subscribe
- Permalink
- Report this post
Hi @Gordon-C
Update: You are right - tested with postman and can confirm that user-id is being returned as a response.
Appreciate your help on this!

