Fitbit Scopes Authorization [Legacy V1]

Owned by Andrew Rankin
Last updated: Oct 27, 2020
2 min read
This article pertains to: Legacy API (V1)

Why am I unable to connect my Fitbit account to my App Marketplace when I only wanted to authorize my app to access my Fitbit device/settings and activity/exercise data?

How does a user’s authorization of certain types of data on the Fitbit OAuth page affect what information is made available through the API?

Fitbit's API has recently updated their OAuth authorization page, and with the new implementation, the old page you were accustomed to see when syncing Fitbit in the Marketplace has been deprecated. The new authorization page allows the user to pick particular data points (scopes) to allow access to through Validic. A user may choose to share ONLY certain scopes, but we do recommend your review of the outline below on specific scopes that are required to properly establish the connection as well as what data is available based on the scopes allowed by a user.

 

 


Please note that unlike the old version that they had, ALL SCOPES are unchecked. A new selection, "Allow All" Scope will check all scopes displayed on the Fitbit Auth page.

The user's choices on which data points are shared would have the following effects:

  • Validic requires that AT LEAST the “profile” scope is allowed (this establishes the user’s timezone and OAuth identify for correct mapping of records)

  • Depending on what scopes the user deselects, certain data may not be captured by Validic.

    • ​If a user does not authorize Profile, authorization will fail and no data will be captured.

    • If a user does not authorize Food and Water Logs, a routine record will still be written, but no ‘Water’ data will be captured. In addition, No Nutrition record will be written.

    • If a user does not authorize Activity and Exercise no Routine data or Fitness activities will be captured.

    • If a user does not authorize Weight, no Weight records will be written.

    • If a user does not authorize Sleep, no Sleep records will be written.

    • If a user does not authorize Fitbit Devices and Settings, no user device information will be written on the Profile.json endpoint.

    • If a user does not authorize Heartrate, no Biometrics records will be written and certain fitness fields will be null.

    • If a user does not authorize Settings, data will not be retrieved in realtime.