Strava API 'Authorization Error' & local host refuses to connect

I am trying to use the Strava API with the following code snippet:

auth_url = "https://www.strava.com/oauth/token"

activites_url = "https://www.strava.com/api/v3/athlete/activities"

payload = {

'client_id': "137928",

'client_secret': xxx,

'refresh_token': xxx,

'grant_type': "refresh_token",

"response_type": "code",

'f': 'json',

"scope": "activity:read_all"

}

print("Requesting Token...\n")

res = requests.post(auth_url, data=payload, verify=False)

access_token = res.json()o'access_token']

print("Access Token = {}\n".format(access_token))

header = {'Authorization': 'Bearer ' + access_token}

#param = {'per_page': 200, 'page': 1}

my_dataset = requests.get(activites_url, headers=header).json()

print(my_dataset<0]p"name"])

However, I get the following response:

{'message': 'Authorization Error', 'errors': o{'resource': 'AccessToken', 'field': 'activity:read_permission', 'code': 'missing'}]}:

When trying to access via url, I have to authorize my contents, but afterwards the message is

that the local host cannot be reached. Any ideas? I am kind of desperate...

http://www.strava.com/oauth/authorize?client_id=hREPLACE_WITH_YOUR_CLIENT_ID]&response_type=code&redirect_uri=http://localhost/exchange_token&approval_prompt=force&scope=activity:read_all

Page 1 / 1

Do u have any app running on localhost and is ready to handle this call, if not it is normal that this happens and if it does then just check your routes are correct and also the port your app is listening to.

If you are not interested to have the authorization flow working right away you can still use the authorization code that you should be receiving in the url anyway. in the link below you can find how u can get the job done manually

https://jessicasalbert.medium.com/holding-your-hand-through-stravas-api-e642d15695f2

If I am not mistaken, check the URL of the “this site cant be reached” page. In the URL, you should find a piece that reads “state=&code=;HERE IS YOUR CODE]?scope=...”
Copy that, that’s the auth code you need

The initial code snippet executes an OAuth Refresh Flow. This passes in a Refresh Token (RT) in exchange for a new Access Token (AT). No need to pass "response_type": "code" in the Refresh request payload. The refresh flow also does not perform a redirect. The Refresh flow hits the token endpoint directly.

The URL under the screenshots initiates an OAuth Code Flow and that hits the authorize endpoint. This will require a redirect_uri and will try to redirect to http://localhost/exchange_token based on the example posted. If nothing is listening there to handle the code and then POST the code to the token endpoint you will get this issue because nothing is listening where you are redirecting to.

As both previous answers mention you might still be able to get that code (manually) and POST it to the token endpoint using for example Postman to obtain the AT and RT.

Reply

Sign up

Login to the community

Scanning file for viruses.

This file cannot be downloaded