Skip to main content
Question

Authorization Error: "Invalid Access Token" Despite Following OAuth Flow

  • January 2, 2025
  • 0 replies
  • 115 views

Forum|alt.badge.img+1

 

Hi,

I'm encountering an issue with the Strava API when trying to retrieve activities. Despite following the OAuth flow as per the Getting Started documentation, I consistently receive the following error:

{
    "message": "Authorization Error",
    "errors": [
        {
            "resource": "Athlete",
            "field": "access_token",
            "code": "invalid"
        }
    ]
}

Here’s what I’ve done so far:

  1. Generated an authorization code using the following URL:

    https://www.strava.com/oauth/authorize?client_id=143540&redirect_uri=http://localhost&response_type=code&scope=activity:read_all
    
  2. Exchanged the authorization code for an access token and refresh token:

    https://www.strava.com/oauth/token?client_id=143540&client_secret=****&code=****&grant_type=authorization_code
    
  3. Used the access token to fetch activities:

    https://www.strava.com/api/v3/athlete/activities?access_token=****
    

However, the access token always returns the "invalid" error. I verified the following:

  • The redirect_uri matches what’s in my Strava app settings (http://localhost).
  • The requested scope includes activity:read_all.
  • I even tested using the Strava API Playground, but it fails with a "Bad Request" error:
    {
        "message": "Bad Request",
        "errors": [
            {
                "resource": "Application",
                "field": "redirect_uri",
                "code": "invalid"
            }
        ]
    }
    

I suspect there might be an issue with my app configuration or how the tokens are being generated/used. Can someone help identify what might be going wrong?

Thanks in advance for your support!

 

0 replies

Be the first to reply!

Reply


Cookie policy

We use cookies to enhance and personalize your experience. If you accept, you agree to our full cookie policy. Learn more about our cookies.

 
Cookie settings