Fitbit provides an OAuth 2.0 endpoint for logging in with a Fitbit user's credentials. You'll need to first register your Fitbit application here.
Please note:
- Fitbit does not provide a OIDC discovery endpoint, so
serviceConfiguration
is used instead. - Fitbit OAuth requires a client secret.
const config = {
clientId: 'your-client-id-generated-by-fitbit',
clientSecret: 'your-client-secret-generated-by-fitbit',
redirectUrl: 'com.whatever.url.you.configured.in.fitbit.oauth://redirect', //note: path is required
scopes: ['activity', 'sleep'],
serviceConfiguration: {
authorizationEndpoint: 'https://www.fitbit.com/oauth2/authorize',
tokenEndpoint: 'https://api.fitbit.com/oauth2/token',
revocationEndpoint: 'https://api.fitbit.com/oauth2/revoke'
}
};
// Log in to get an authentication token
const authState = await authorize(config);
// Refresh token
const refreshedState = await refresh(config, {
refreshToken: authState.refreshToken,
});
// Revoke token
await revoke(config, {
tokenToRevoke: refreshedState.refreshToken,
includeBasicAuth: true
});