cancel
Showing results for 
Search instead for 
Did you mean: 

Permissions Error - please help!

samgozinsky
Mt. Kenya

A little bit of a programming noob here, so forgive my ignorance!

I am trying to pull down my strava activities through a get request in python. I have gone ahead and authorized the API etc. with my app. The first time that i set up the authorization, I believe I gave a read only scope (rather than the read_all permissions needed for the type of data that I want). I went ahead re-authorizing, this time careful to include read_all in the URL- but I'm still having issues. 

 payload = {
    'client_id': client_id,
    'client_secret': client_secret,
    'refresh_token': refresh_token,
    'grant_type': "refresh_token",
    'f': 'json'
}


res = requests.post(auth_url, data=payload, verify=False)

print("On a run to get the token...\n")


auth_token_app = res.json()['access_token']

print('Token is:')
print(auth_token_app) 

I'm able to get an access token with the above code, and have tested this out with both the original refresh token I had stored down and the new one, which I believe is specific to the type of read-all permission that I need. I'm able to pull down my high-level stats at this URL:

"https://www.strava.com/api/v3/athletes/#myathletetokenhere/stats"
 
using this request and the token from the above code^
 
header = {'Authorization': 'Bearer ' + auth_token_app} athlete_dataset = requests.get(athlete_url, headers=header).json()
 
However, when I try to grab my recent activities with this snippet below, I get this error:

{'message': 'Authorization Error', 'errors': [{'resource': 'AccessToken', 'field': 'activity:read_permission', 'code': 'missing'}]}

 

header = {'Authorization': 'Bearer ' + auth_token_app}

url = 'https://www.strava.com/api/v3/athlete/activities'
param = {'per_page':200, 'page':1}

athlete_dataset = requests.get(url, headers=header, params=param).json()

Any idea what's going on here? my strava API page shows a token with 'read' permission by the way- but the token I'm getting from the first block of code above doesn't match this one- so I had figured it might be the separate read_all authorized token that I've been looking for

 

1 ACCEPTED SOLUTION

ActivityFix
Elbrus

The error message says you are missing the "activity:read" permission. From what you've explained it seems like you only granted access to "read" and "read_all" -- see: https://developers.strava.com/docs/authentication/#detailsaboutrequestingaccess for a list of all the permission flags.

With read and read_all you can get public and private profile data which includes the high level athlete stats.

To read activity data, you will need activity:read and possibly activity:read_all depending on whether you only need public or also want private activities.

View solution in original post

2 REPLIES 2

ActivityFix
Elbrus

The error message says you are missing the "activity:read" permission. From what you've explained it seems like you only granted access to "read" and "read_all" -- see: https://developers.strava.com/docs/authentication/#detailsaboutrequestingaccess for a list of all the permission flags.

With read and read_all you can get public and private profile data which includes the high level athlete stats.

To read activity data, you will need activity:read and possibly activity:read_all depending on whether you only need public or also want private activities.

Thank you so much! I'm pretty sure this was it! I just needed to get the refresh token from the URL again but with including activity:read_all in the URL that i pasted into my browser. Thanks again for the help!