Well, most browsers have developer tools typical f12 to access. They usually have a network tab that logs the requests and responses between the server and browser.
From those interactions one can reverse the browser interaction with user and server and then recreate it in a smart app using the httpget/post/put functions and getting the responses and session and cookies to get at whatever data the browser presents.
That just flew over my head 
Just kidding… I get what your saying but I think I will wait for fitbit to support OAuth 2
Well, my offer is still there. 
What’s the offer ?
What source code are you looking for ? I have device code I started but since the oauth stuff fails it doesn’t work. I am more then willing to share if that is what you are looking for.
The code is very “WRONG” so you might be better off starting from scratch. But here it is.
https://github.com/gouldner/ST-Projects/blob/master/ST-Devices/src/Fitbit/FitbitDevice.groovy
I also have working OAuth 2 code for another device (Enlighten Solar System API) which I could share if you want to see working code
The offer was to have a look. I will do such. Thanks!
I should be able to make sense of this!
My first recommendation is to split the OAuth code out of the Device Type. The general practice is the OAuth/authentication code is built into a Smart App called a Connect app. It basically handles the cloud-to-cloud access, and then a child Device Type represents the individual devices (so, in this case, the trackers and scales and whatnot). Check out my Lockitron code for an idea: https://github.com/dkirker/smartthings-lockitron
Hi all. I just gave up on waiting for the UP3 to ever be released and purchased a FitBit Charge HR. I’d love to help with SmartThings integration if no one here has had any luck yet. Let me know what the current status is and I’ll see what I can do.
I am waiting for FitBit to release their OAuth 2.0 public beta access. OAuth 1 doesn’t work with ST. It has been mentioned in this thread that you can probably write an external interface to the OAuth 1 that ST could access but OAuth 2.0 will be much easier to maintain.
Ok, I see the announcement back in January that OAuth 2 support is coming soon. If it doesn’t come soon, I may take a crack at that OAuth 1 interface.
They need to release the OAuth2 for the new devices for heart rate data so I am hoping it will be soon.
@obycode Any progress here? My girlfriend was gifted a Charge HR. I’d love to get it integrated somehow.
I haven’t looked into it yet. I still have my hopes up that they will complete the move to OAuth 2. I’ll post here with any progress.
Thanks. It looks like I can do some basic stuff through IFTTT on sleep and wake events.
Any updates on the Fitibit integration?
Sorry no, haven’t had the time to work on it.
@Ron I spent an hour last night looking at it. I was hoping it would have been as easy as the solar system where you use a combination of a secret and id. It doesn’t appear to be the case… seems more like a federated model. 
@DrHill I gave up on it after monitoring the Oauth 2.0 which said “coming soon” for way too long. I don’t even know if it is Oauth 2.0 yet, if not then it will not work with ST.
Hey @Ron, looking over there site, the Oauth 2.0 has been available for a while on the site. Do you happen to know of any examples where this has been one with other apps? I’m more than willing to give it a try if there are other exmaples out there.
I did my own Emphase Solar integration but that one just used a URL with 3 variables… Oauth 2.0 looks to be more involved where you exchange keys and then return a URL with a session.
Smart Things only supports Oauth 2.0 that is why I was waiting for fitbit to make the upgrade.
I wrote the enphase device also and it worked fine. See docs here
http://docs.smartthings.com/en/latest/smartapp-web-services-developers-guide/tutorial-part2.html?highlight=oauth#get-the-oauth-authorization-code
Not sure why fitbit seems more difficult, but sorry no time to look into this.
Also given the complete instability of ST these days I am not working on any device code. Too frustrating to spend hours on my code thinking I have an issue only to learn that the problem is on the server side.