We are aware of the issue with the badge emails resending to everyone, we apologise for the inconvenience - learn more here.
Forum Discussion
bffy_smmmers
4 years agoHelpful | Level 5
dbx.auth not working / getAccessTokenFromCode giving 400 response?
I'm trying to access the `getAccessTokenFromCode` method and I keep receiving a 400 error. On top of that, I can't seem to write the code and get it to work in the way it's written in the Auth ex...
- 4 years ago
I'm not sure I follow your message, but you should specify it in both places. The /oauth2/authorize page redirect_uri parameter specifies where to send the user after they authorize the app, and the 'redirectUri' you pass to 'getAccessTokenFromCode' is just a string sent up in a /oauth2/token API call to verify that it matches.
Greg-DB
Dropbox Staff
First, can you clarify where/how you're attempting to run this? For instance, are you running this on a node backend, or browser frontend?
Also, can you share the full error/output you're getting? Whenever the API replies with a 400 it should include more error information along with it. It may help to print out the full error like 'console.log(err)' instead of just 'console.log(err.message)'.
Can you also double check that v9.2.0 was successfully installed? Perhaps it failed and you're still on an old version.
bffy_smmmers
4 years agoHelpful | Level 5
Hi Greg, It's on a node backend. Positive that i am on the latest version - I even aliased the npm package to make sure.
The full error is below. I just want to point out two things now that I see the error type - I have all of the redirect uri's listed correctly and accurately in the app console. I've tried it so many different ways and i keep getting the same error. I also am confused why when I go to authorize, dropbox doesnt allow me to choose which user I want to sign in as. It just prompts me to allow access as whoever I am currently signed into dropbox with (vs something like google API where I select which account I want to use) is this just a normal part of the auth flow?
name: 'DropboxResponseError',
status: 400,
headers: Headers {
[Symbol(map)]: [Object: null prototype] {
'content-security-policy': [Array],
'content-type': [Array],
date: [Array],
server: [Array],
'content-encoding': [Array],
vary: [Array],
'x-dropbox-response-origin': [Array],
'x-dropbox-request-id': [Array],
connection: [Array],
'transfer-encoding': [Array]
}
},
error: {
error_description: 'redirect_uri mismatch',
error: 'invalid_grant'
}
}
- Greg-DB4 years agoDropbox Staff
Thanks! So the error message in this case is "redirect_uri mismatch", which indicates that the 'redirectUri' you're passing to 'getAccessTokenFromCode' doesn't match the redirect_uri value on the /oauth2/authorize URL used to retrieved the authorization code. It needs to either be omitted in both places, or otherwise match exactly.
Can you share the 'redirectUri' value you're using, as well as the /oauth2/authorize URL?
Also, regarding your other question, if you have "linked accounts" you'll be prompted to choose which to connect to the app. Otherwise, you can use the "Sign out" link in the account dropdown on the app authorization page to sign out of the current account and then sign in to another to authorize the app there.
- bffy_smmmers4 years agoHelpful | Level 5
Thanks Greg. By making them the same redirect uri I got it working. My worry is /was that the current redirect uri is another endpoint that creates a session and stores information in the DB. By setting that redirect URI in both places I was worried that that endpoint would get called twice and create duplicates or show up as `null` in the second call. Does that make sense?
- Greg-DB4 years agoDropbox Staff
I'm not sure I follow your message, but you should specify it in both places. The /oauth2/authorize page redirect_uri parameter specifies where to send the user after they authorize the app, and the 'redirectUri' you pass to 'getAccessTokenFromCode' is just a string sent up in a /oauth2/token API call to verify that it matches.
- bffy_smmmers4 years agoHelpful | Level 5
hi Greg-DB - me again.. for some reason i am not actually able to see the "linked account" screen. to switch users, or to even authorize the app. when i go through the auth flow i am just automatically redirected and authorized. unless i sign out of dropbox in a different window. is there someting in the code i need to update here?
static async getAuthUrl(state: string😞 Promise<string> {const dbx = newOAuthInstance();const res = await dbx.getAuthenticationUrl(REDIRECT_URI,state,'code','offline',);return res.toString();}- Greg-DB4 years agoDropbox Staff
If you're signed in to an account that has already authorized the app, you may not be explicitly asked to authorize it again, and may instead just be redirected through the flow automatically. Check out the 'force_reapprove' parameter on /oauth2/authorize.
About Dropbox API Support & Feedback
Find help with the Dropbox API from other developers.
5,877 PostsLatest Activity: 5 hours agoIf you need more help you can view your support options (expected response time for an email or ticket is 24 hours), or contact us on X or Facebook.
For more info on available support options for your Dropbox plan, see this article.
If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!