1

Does anyone have a working R script to access the API? I see there is a webscraping package, but I'd prefer to use the official API if possible.

Everything I've got and research I've done to authenticate via oauth 1 or 2 seems broken using the httr package.

For oauth 2:

library(httr)
app = '<OAuth 2.0 Client ID>'
key <- '<Client (Consumer) Key>'
secret <- '<Client (Consumer) Secret>'
accessTokenURL <- 'https://api.fitbit.com/oauth2/token'
authorizeURL <- 'https://www.fitbit.com/oauth2/authorize'

fbr <- oauth_app(key,app,NULL)
fitbit <- oauth_endpoint(NULL, authorizeURL,accessTokenURL)
token <- oauth2.0_token(fitbit,fbr,scope='profile',as_header=TRUE, cache=FALSE)

When I check token$credentials I get the error message:

$errors
$errors[[1]]
$errors[[1]]$errorType
[1] "oauth"

$errors[[1]]$fieldName
[1] "n/a"

$errors[[1]]$message
[1] "No Authorization header provided in the request. Each call to Fitbit API should be OAuth signed"



$success
[1] FALSE

I have tried all the misc settings in fitbit setting up my app, both as a server and a client, and I have my callback URL correctly set up as http://localhost:1410

Any ideas?

Thanks, Isaac

ps: I've crossposted on fitbit's forums: https://twitter.com/IsaacWyatt/status/637768649290350592 and also tweeted at Hadley Wickham for help. Retweets welcome!

Current session info:
R version 3.1.2 (2014-10-31)
Platform: x86_64-apple-darwin13.4.0 (64-bit)

locale:
[1] en_US.UTF-8/en_US.UTF-8/en_US.UTF-8/C/en_US.UTF-8/en_US.UTF-8

attached base packages:
[1] stats     graphics  grDevices utils     datasets  methods   base     

other attached packages:
[1] httr_1.0.0

loaded via a namespace (and not attached):
[1] curl_0.9.3      httpuv_1.3.2    jsonlite_0.9.14 R6_2.0.1        Rcpp_0.11.4     stringr_0.6.2  
[7] tools_3.1.2
Isaac Wyatt
  • 19
  • 5
  • Since when is randomly tweeting at people considered appropriate. Methinks it just gets you blocked. – Dirk Eddelbuettel Aug 31 '15 at 01:15
  • @DirkEddelbuettel - Hadley has tweeted recently about accessing fitbit data - presumably he is interested / might be knowledgeable on the topic. – thelatemail Aug 31 '15 at 02:35
  • @thelatemail With all due respect, that is utter nonsense. The man has tweeted 15k times; and the best you will find is a _wish_ by him for someone else writing this. – Dirk Eddelbuettel Aug 31 '15 at 02:44
  • This seems like it's solved here... http://stackoverflow.com/questions/12212958/oauth-authentification-to-fitbit-using-httr – cory Aug 31 '15 at 15:30
  • Hey all - yeah I agree tweeting with folks isn't the best way - but it definitely helps. I think I have solution from the FitBit forums and am testing this evening. It seems the increased visibility form tweeting/re-tweeting is helping. The solution on the other stockoverflow thread doesn't actually help solve because I don't know how to incorporate those changes. They might be a moot point anyway however if this other solution I just received works. Thanks all for your contributions! @DirkEddelbuettel – Isaac Wyatt Sep 01 '15 at 00:48

2 Answers2

2

Fitbit's API access via OAuth1.0a is deprecated from 2016-03-14, so here is working script using OAuth2.0. There was an issue with the httr package not being able to request a token using HTTP Basic authentication (required by Fitbit), but this is fixed by a new use_basic_auth argument to oauth2.0_token().

Fitbit Application Settings

  • OAuth 2.0 Application Type: Personal
  • Callback URL: http://localhost:1410 (this is the default expected by httr)

Example

# Until the version *following* httr 1.0.0 is available on CRAN, get the
# development version by uncommenting the following 2 lines
# library(devtools)
# install_github("hadley/httr")
library(httr)

# 1. Set up credentials
fitbit_endpoint <- oauth_endpoint(
  request = "https://api.fitbit.com/oauth2/token",
  authorize = "https://www.fitbit.com/oauth2/authorize",
  access = "https://api.fitbit.com/oauth2/token")
myapp <- oauth_app(
  appname = "data_access",
  key = "Your OAuth 2.0 Client ID", 
  secret = "Your Client (Consumer) Secret")

# 2. Get OAuth token
scope <- c("sleep","activity")  # See dev.fitbit.com/docs/oauth2/#scope
fitbit_token <- oauth2.0_token(fitbit_endpoint, myapp,
  scope = scope, use_basic_auth = TRUE)

# 3. Make API requests
resp <- GET(url = "https://api.fitbit.com/1/user/-/sleep/date/2015-10-10.json", 
  config(token = fitbit_token))
content(resp)
Graham Parsons
  • 466
  • 7
  • 9
0

So I asked for help on fitbit's forums as well, and user grahamrp posted the following using oauth 1.0:

library(httr)
token_url = 'https://api.fitbit.com/oauth/request_token'
access_url = 'https://api.fitbit.com/oauth/access_token'
auth_url = 'https://www.fitbit.com/oauth/authorize'
key <- '<Client (Consumer) Key>'
secret <- '<Client (Consumer) Secret>'

myapp = oauth_app('data_access', key, secret)
fb_ep = oauth_endpoint(token_url, auth_url, access_url)
token = oauth1.0_token(fb_ep, myapp)
gtoken = config(token = token)

resp = GET('https://api.fitbit.com/1/user/-/sleep/date/today.json', gtoken)
content(resp)

This works for me as of 8/31/2015 Link: https://community.fitbit.com/t5/Web-API/Working-R-script-Using-API-R-Mac-OS-X/m-p/931586/highlight/false#M3002

Thanks all for your attention to this!

Best,

Isaac

Isaac Wyatt
  • 19
  • 5
  • Hi! The above code is not working anymore. The website invoked gives an error message. I already substituted oauth_1.0token() by oauth2.0_token(). Can anyone help? – CodingButStillAlive Nov 24 '16 at 08:49