Skip to main content

Fitbit

Fitbit provides an OAuth 2.0 endpoint for logging in with a Fitbit user's credentials. You'll need to first register your Fitbit application here.

Please note:

  • Fitbit does not provide a OIDC discovery endpoint, so serviceConfiguration is used instead.
  • Fitbit OAuth requires a client secret.
const config = {
  clientId: 'your-client-id-generated-by-fitbit',
  clientSecret: 'your-client-secret-generated-by-fitbit',
  redirectUrl: 'com.whatever.url.you.configured.in.fitbit.oauth://redirect', //note: path is required
  scopes: ['activity', 'sleep'],
  serviceConfiguration: {
    authorizationEndpoint: 'https://www.fitbit.com/oauth2/authorize',
    tokenEndpoint: 'https://api.fitbit.com/oauth2/token',
    revocationEndpoint: 'https://api.fitbit.com/oauth2/revoke',
  },
};

// Log in to get an authentication token
const authState = await authorize(config);

// Refresh token
const refreshedState = await refresh(config, {
  refreshToken: authState.refreshToken,
});

// Revoke token
await revoke(config, {
  tokenToRevoke: refreshedState.refreshToken,
  includeBasicAuth: true,
});