Skip to main content

Hi, I am writing an application in which I would like to record activity in Strava.

 

I am running such url

 

var authUrl =

"https://www.strava.com/oauth/authorize" +

$"?client_id={_clientId}" +

"&response_type=code" +

$"&redirect_uri={Uri.EscapeDataString(redirectUri)}" +

"&approval_prompt=force" +

"&scope=activity:read_all,activity:write";

 

authorizes with my Strava account and gets a new token along with this scop scope=read,activity:write,activity:read_all

 

Then performs a POST of this code to https://www.strava.com/oauth/token

 

All operations go through without error but after refreshing the API mouthpiece I still see scope:read and as I try to save the activity I get an error

 

 

What is an API mouthpiece and what error do you get?


I got this error

{"message":"Authorization Error","errors":[{"resource":"AccessToken","field":"activity:write_permission","code":"missing"}]}

And my code (c#) to create activity looks like 

 

    public class StravaService(HttpClient _httpClient, ISecureTokenDataService tokenService) : IStravaService
{
public async Task CreateActivityAsync(CreateActivityRequest req)
{
var token = await tokenService.GetCurrentAccessTokenAsync();
if (token == null) throw new InvalidOperationException();

_httpClient.DefaultRequestHeaders.Authorization =
new AuthenticationHeaderValue("Bearer", token);

var form = new Dictionary<string, string?>
{
"name"] = req.Name,
"type"] = req.Type,
"sport_type"] = req.SportType,
"start_date_local"] = req.StartDateLocal.ToString("yyyy-MM-ddTHH:mm:ssZ"),
"elapsed_time"] = req.ElapsedTime.ToString(),
"distance"] = req.Distance?.ToString(),
"description"] = req.Description ?? "",
"trainer"] = req.Trainer?.ToString() ?? "0",
"commute"] = req.Commute?.ToString() ?? "0"
};

using var response = await _httpClient.PostAsync(
"api/v3/activities",
new FormUrlEncodedContent(form)
);

if (!response.IsSuccessStatusCode)
{
var body = await response.Content.ReadAsStringAsync();
throw new Exception($"({(int)response.StatusCode}] {body}");
}
}

}

 


You should make doubly sure that you really are using the access token and refresh token that you obtained from https://www.strava.com/oauth/token and not something you see on https://www.strava.com/settings/api


Reply