Skip to main content
Answer

Permissions Error - please help!

  • January 21, 2024
  • 6 replies
  • 476 views
S
Forum|alt.badge.img+3

A little bit of a programming noob here, so forgive my ignorance!

I am trying to pull down my strava activities through a get request in python. I have gone ahead and authorized the API etc. with my app. The first time that i set up the authorization, I believe I gave a read only scope (rather than the read_all permissions needed for the type of data that I want). I went ahead re-authorizing, this time careful to include read_all in the URL- but I'm still having issues. 

 payload = {
    'client_id': client_id,
    'client_secret': client_secret,
    'refresh_token': refresh_token,
    'grant_type': "refresh_token",
    'f': 'json'
}


res = requests.post(auth_url, data=payload, verify=False)

print("On a run to get the token...
")


auth_token_app = res.json()['access_token']

print('Token is:')
print(auth_token_app) 

I'm able to get an access token with the above code, and have tested this out with both the original refresh token I had stored down and the new one, which I believe is specific to the type of read-all permission that I need. I'm able to pull down my high-level stats at this URL:

"https://www.strava.com/api/v3/athletes/#myathletetokenhere/stats"
 
using this request and the token from the above code^
 
header = {'Authorization': 'Bearer ' + auth_token_app} athlete_dataset = requests.get(athlete_url, headers=header).json()
 
However, when I try to grab my recent activities with this snippet below, I get this error:

{'message': 'Authorization Error', 'errors': [{'resource': 'AccessToken', 'field': 'activity:read_permission', 'code': 'missing'}]}

 

header = {'Authorization': 'Bearer ' + auth_token_app}

url = 'https://www.strava.com/api/v3/athlete/activities'
param = {'per_page':200, 'page':1}

athlete_dataset = requests.get(url, headers=header, params=param).json()

Any idea what's going on here? my strava API page shows a token with 'read' permission by the way- but the token I'm getting from the first block of code above doesn't match this one- so I had figured it might be the separate read_all authorized token that I've been looking for

 

Best answer by ActivityFix

The error message says you are missing the "activity:read" permission. From what you've explained it seems like you only granted access to "read" and "read_all" -- see: https://developers.strava.com/docs/authentication/#detailsaboutrequestingaccess for a list of all the permission flags.

With read and read_all you can get public and private profile data which includes the high level athlete stats.

To read activity data, you will need activity:read and possibly activity:read_all depending on whether you only need public or also want private activities.

6 replies

ActivityFix
Superuser
Forum|alt.badge.img+24
  • ActivityFix
  • Superuser
  • Answer
  • January 22, 2024

The error message says you are missing the "activity:read" permission. From what you've explained it seems like you only granted access to "read" and "read_all" -- see: https://developers.strava.com/docs/authentication/#detailsaboutrequestingaccess for a list of all the permission flags.

With read and read_all you can get public and private profile data which includes the high level athlete stats.

To read activity data, you will need activity:read and possibly activity:read_all depending on whether you only need public or also want private activities.

Jan_Mantau
S
Forum|alt.badge.img+3
  • samgozinsky
  • Author
  • Hub Rookie
  • January 24, 2024

Thank you so much! I'm pretty sure this was it! I just needed to get the refresh token from the URL again but with including activity:read_all in the URL that i pasted into my browser. Thanks again for the help!

S
Forum|alt.badge.img+3
  • Skip
  • Hub Rookie
  • March 23, 2024

I'm coming late to this party. I am trying to use a strava-api GitHub repo to grab just my own my activity data (why can't I just download it as CSV from strava.com???), but get a permission denied error. Looking at my settings/api page, I see that I have client id, access token, refresh token and stated limits. The refresh token appears to have a limited scope (just "read"). This thread suggests I also need "read_all". How do I set that?

ActivityFix
Superuser
Forum|alt.badge.img+24
  • ActivityFix
  • Superuser
  • March 23, 2024

You can try following the instructions here - https://developers.strava.com/docs/getting-started/#oauth - and update the scopes requested in the initial URL. You'll want the scope "activity:read_all"

If you want a dump of all of your activity data, you can go to https://www.strava.com/account and scroll down to "Download or Delete Your Account" - click the get started button and ONLY do step 2 to request an archive of your data. I don't know what format the data comes in, but I'm sure whatever it is you can find a way to convert between what you get and what you want. It may be easier than trying to get some code you didn't write to work.

S
S
Forum|alt.badge.img+3
  • Skip
  • Hub Rookie
  • March 29, 2024

Thanks. The oauth instructions with the addition of activity:read_all did the trick.

J
Forum|alt.badge.img
  • JanDiriken
  • Hub Starter
  • April 22, 2024

I have a similar problem that keeps on recurring:

  1. After the initial authorization I can obtain a working access token. This allows me to read activity lists, activities, data streams, ...
  2. When the access token is expired, I can use the refresh token to get a new access token. This works as it should I guess.
  3. When trying to access data with a renewed access token, the permission scopes seem to change and I get the "activity:read_permission" error.

I follow the steps indicated in the guide so its very confusing what is causing this

Terms & ConditionsCookie settingsAccessibility statement