So here’s where I got to -
- created a new push subscription successfully and got a subscription Id back
- tested my endpoint to ensure it can process test POST messages ok, and has logging in place to show if it gets called
- I login as a user and authorize the app with the scope activity:read_all,read,read_all,profile:read_all, and verified that the context with the access token also includes those scopes
- Now I go to strava and change or create a new activity, but nothing gets sent to my webhook
- if I deauthorize the app from the settings/my apps page, I see the post getting send successfully to my endpoint with the right Id in for my user, and telling me the athlete has deauthorised.
Wondering why I’m not getting any of the activity updates. My app that the client logs in with works fine and I can query all activities and profile data with the supplied access token.
The Strava developer page for my API shows I have 1 user connected, as expected.
One strange thing I notice is the strava my API page shows you your client secret and so on - but also shows an access token and refresh token, both with scope “read”. Why does it show these tokens here, what uses them? And why are they only set to read? Did I mess up when I generated the client secret? Do I get a chance to set the scope when I generate a new one?
Thanks in advance
