Skip to main content

(I’ve read the relevant posts on here but did not find the answers I seek there)

Hi all,

New to oauth2, building an app that needs to read activity data from Strava. For this, I need activity:read in my permission scope. However, I can only get the “read” scope despite choosing scope arg as “activity:read” or “read, activity:read”. I can see that the token generated only has “read” permission on the API app dashboard on my profile, and I also see an authorization error when I invoke the read activities API. Here is my code:

 

REDIRECT_URI = "https://localhost:8501"

AUTHORIZE_URL = "https://www.strava.com/oauth/authorize"

TOKEN_URL = "https://www.strava.com/api/v3/oauth/token"

SCOPE = "activity:read"

API_BASE = 'https://www.strava.com/api/v3'

 

auth_url = f"{AUTHORIZE_URL}?client_id={CLIENT_ID}&redirect_uri={REDIRECT_URI}&response_type=code&scope={SCOPE}"

 

I exclude the client id and secret of course, and the rest of the code that creates a link on my dashboard to auth_url. This generally works - I get my athlete summary back, but no activity:read permission.

Any help would be appreciated !!

The token on your API dashboard is a different token than the one you get in your app. The first is only for simple testings with your own account were you don’t want to go through the oauth flow.

Thanks for your reply, Jan. But when I go through the oAuth flow I get the same token, and despite requesting activity:read, I get a permission error when trying to invoke the API to list activities. How can I get the a different token with the right permission through my app? 

And you have set the option to read activities on the Strava website (https://www.strava.com/oauth/authorize) where you have to confirm the app scope? And after that you have used the one time permission code to get the access and refresh token?

Reply


Terms & ConditionsCookie settings