Salesforce & Fitbit – Making the connection

I got a Fitbit back February. I don’t wear it, mainly because I fly fish so much and I would ruin it. I do love the api Fitbit has. I basically got one for the api. I think it’s a pretty sweet device to use to get data.

The first thing I did was test the water…with node.js 🙂

I found a great, simple library to get me off my feet, and never ran into trouble in my basic tests getting Fitbit data.

here is the library https://github.com/lukasolson/fitbit-node

I do have a day job, and quickly dropped any dreams I had to play in more depth with the Fitbit api after a hectic spring release..

Lately, I revisited this using Salesforce. It’s pretty amazing how enabling Salesforce can be. So when I set out to get Fitbit data into Salesforce, there were plenty of options to choose from. Without trying to describe all the possible ways (I would probably miss a few), I will get into the easiest way (in 2016) to get Fitbit data into Salesforce.

Before we get our hands dirty, let me summarize how this works. We are going to use OAuth to maintain a connection with the Fitbit API. Since Fitbit has the data we need, Salesforce will be the client. That means we need some App defined with Fitbit, much like you can make a connected app on Salesforce. In Salesforce, we will use Authorization Providers and Named Credentials to define how the Salesforce client connects to the Fitbit API. If that doesn’t make sense, it will after we get our hands dirty and make the connection.

1)
Fitbit App:
– go to https://dev.fitbit.com/ and create a dev user for yourself
– once logged into dev.fitbit.com, create a new app:
– fill the form out and but a random address for the callback, we will change this later
– for “OAuth 2.0 Application Type”, set it to “client”
– for “Default Access Type”, set it to “Read-Only”
– Save the app

2)
Salesforce Auth. Providers:
– go to Setup -> Quick Find -> Auth. Providers, and make a new Auth. Provider:
– for “Provider Type”, set it to “Open ID Connect”
– for “Consumer Key”, set it to the Client Id on the Fitbit app at dev.fitbit.com
– for “Consumer Secret”, set it to the Client Secret on the Fitbit app at dev.fitbit.com
– for “Authorize Endpoint URL”, set it to “https://www.fitbit.com/oauth2/authorize”
– for “Token Endpoint URL”, set it to “https://api.fitbit.com/oauth2/token”
– for “Default Scopes”, set it to “activity profile settings” or any others you desire
– for “Send access token in header”, set it “UnChecked”
– for “Send client credentials in header”, set it “Checked”
– Save the Auth. Provider

3)
Update Callback URL on the Fitbit App:
– after you save the Auth. Provider you will see a “OAuth-Only Initialization URL” is generated, copy this.
– go back to dev.fitbit.com and edit the app you made:
– set the callback in the Fitbit app to the one Salesforce generated for you

4)
Salesforce Named Credential:
– go to Setup -> Quick Find -> Named Credentials, and make a new Named Credential:
– set the “Label” and “Name” to values you prefer
– set the “URL” to “https://api.fitbit.com/”
– for “Identity Type”, both “Per User” and “Named Principal” work
– for “Authentication Protocol”, set it to “OAuth 2.0”
– for “Start Authentication Flow on Save”, set it to “Checked”
– for “Generate Authorization Header”, set it to “Checked”
– Save the Named Credential
– you will be redirected to Fitbit to login using your Fitbit user account (not dev), then it will ask you to allow access, then it will redirect you back to the named credential and the “Administration Authentication Status” will be “Authenticated”

5)
Apex Callout:
– now that you defined the Named Credential and it is authenticated, you are able to use it in apex, with writing anything relating to OAuth. Let’s say you named your Named Credential “Fitbit”, then go ahead and run this code in the execute anonymous window.

HttpRequest req = new HttpRequest();
Http http = new Http();
req.setMethod('GET');
req.setEndpoint('callout:Fitbit/1/user/-/profile.json');
HttpResponse res = http.send(req);
System.debug(res.getBody());

Check out the debug log that was just generated, and check “Debug Only” to see the json we logged. It has you Fitbit user data… pretty cool!

From here you only need to worry about using the Fitbit API. Salesforce handles the OAuth refresh tokens using Named Credentials.

for more on the Fitbit api, see https://dev.fitbit.com/docs/

Next up, viewing this data with Wave

(Disclaimer, this was written in 2016.  Since then, Fitbit was acquired by Google & Salesforce has even more tools to allow you to write even less code.)