help menu

Join us on the Community Forums!

  • Community Guidelines

    The Fitbit Community is a gathering place for real people who wish to exchange ideas, solutions, tips, techniques, and insight about the Fitbit products and services they love. By joining our Community, you agree to uphold these guidelines, so please take a moment to look them over.

  • Learn the Basics

    Check out our Frequently Asked Questions page for information on Community features, and tips to make the most of your time here.

  • Join the Community!

    Join an existing conversation, or start a new thread to ask your question. Creating your account is completely free, and takes about a minute.

Not finding your answer on the Community Forums?

Cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Trouble with OAuth 2.0 Tutorial

ANSWERED

‎10-20-2016 06:53

‎10-20-2016 06:53

I was hoping to get assistance in troubleshooting OAuth 2.0 access. I can't get the tutorial to work, and it seems that no matter what wrapper I use to get a token, I get the same errors. On the OAuth 2.0 tutorial page, I am selecting Authorization Code Flow, entering my client ID, client secret,  redirect URI, and scopes. I click on the link and copy the code after pressing allow. 

 

The Curl statement does not seem to work when I Hurl.It .   Could someone please help me figure out what I'm doing wrong? Here is an example from one of my test applications.

 

curl -X POST -i -H 'Authorization: Basic MjI4MzdWOjJiMzA4MDJkNzg5ZmVhNGNiZTk0YzEzZWY3NGQ1OWUw' -H 'Content-Type: application/x-www-form-urlencoded' -d "clientId=22837V" -d "grant_type=authorization_code" -d "redirect_uri=http%3A%2F%2Flocalhost" -d "code=ae57c13b25d8ef696b2529835c7fadb9dbe12d40" https://api.fitbit.com/oauth2/token

Per Hurl.It, the request is as follows:

HEADERS

Accept: */*
Accept-Encoding: gzip, deflate
Content-Length: 133
Content-Type: application/x-www-form-urlencoded
User-Agent: runscope/0.1

PARAMETERS

clientId: 22837V
code: ae57c13b25d8ef696b2529835c7fadb9dbe12d40
grant_type: authorization_code
redirect_uri: http%3A%2F%2Flocalhost

BODY 

redirect_uri=http%253A%252F%252Flocalhost&code=ae57c13b25d8ef696b2529835c7fadb9dbe12d40&grant_type=authorization_code&clientId=22837V

And the response I get is:

HEADERS

Cache-Control: no-cache, private
Cf-Ray: 2f2d37fa6f81569f-IAD
Connection: keep-alive
Content-Encoding: gzip
Content-Language: en-US
Content-Type: application/json;charset=utf-8
Date: Sun, 16 Oct 2016 17:26:56 GMT
Server: cloudflare-nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Www-Authenticate: Bearer realm="api.fitbit.com"
X-Frame-Options: SAMEORIGIN

BODY

{
"errors": [
{
"errorType": "invalid_client",
"message": "Invalid authorization header format. Visit https://dev.fitbit.com/docs/oauth2 for more information on the Fitbit Web API authorization process."
}
],
"success": false
}

Any ideas as to what I'm doing wrong? Thanks so much in advance!

Best Answer
Labels:
0 Votes
1 BEST ANSWER

Accepted Solutions

‎10-20-2016 15:48

‎10-20-2016 15:48

@bretzelpretzel This is how I did it, and it worked fine for me.

 

Screen Shot 2016-10-20 at 3.47.07 PM.png

Andrew | Community Moderator, Fitbit

What motivates you?

View best answer in original post

Best Answer
2 REPLIES 2

‎10-20-2016 15:48

‎10-20-2016 15:48

@bretzelpretzel This is how I did it, and it worked fine for me.

 

Screen Shot 2016-10-20 at 3.47.07 PM.png

Andrew | Community Moderator, Fitbit

What motivates you?
Best Answer

‎05-23-2017 10:46

In response to AndrewFitbit

‎05-23-2017 10:46

thanx.. This helps me a lot. 🙂

Best Answer
0 Votes