You might see that the Dropbox Community team have been busy working on some major updates to the Community itself! So, here is some info on what’s changed, what’s staying the same and what you can expect from the Dropbox Community overall.

Forum Discussion

Polas's avatar
Polas
Explorer | Level 4
3 years ago

Dropbox API, I can't upload a file to Dropbox (err. 401 Unauthorized)

Please, help: I can't upload a file to Dropbox (err. 401 Unauthorized)

I am using Delphi XE3, Indy THttp component. Please, can you look at the header and body of the message being sent to see if there is an error?
I got AccessToken on
https://dropbox.github.io/dropbox-api-v2-explorer/#auth_token/from_oauth1 
I assume it's persistent and I don't need to retrieve it every time I access it

 

 

const
API_URL = 'https://content.dropboxapi.com/2/files/upload';
cFile = 'D:\my_file_path_on_pc\testfile.txt';
cook
wAccessToken : string;
Source: TFileStream;
IdHTTP: TIdHTTP;
Res, OpenSSLpath, wVal : string;
Ssl: TIdSSLIOHandlerSocketOpenSSL;
begin
wAccessToken := '_my_access_token_';
Source := TFileStream.Create(cFile, fmOpenRead);
...
...
IdHTTP.Request.CustomHeaders.Values['Authorization'] := 'Bearer ' + wAccessToken;
IdHTTP.Request.CustomHeaders.Values['Dropbox-API-Arg'] :=
'{ "autorename": false, "mode": "add", "mute": false, "path": "/CUZK/test.txt", "strict_conflict": false }';
IdHTTP.Request.CustomHeaders.Values['Content-Type'] := 'application/octet-stream';

Res := IdHTTP.Post(API_URL, Source);

 

 

  • Polas Здравко is correct; new Dropbox access tokens are not persistent. Dropbox is no longer offering the option for creating new long-lived access tokens. Dropbox is switching to only issuing short-lived access tokens (and optional refresh tokens) instead of long-lived access tokens. You can find more information on this migration here.

    Apps can still get long-term access by requesting "offline" access though, in which case the app receives a "refresh token" that can be used to retrieve new short-lived access tokens as needed, without further manual user intervention. You can find more information in the OAuth Guide and authorization documentation. There's a basic outline of processing this flow in this blog post which may serve as a useful example.

     

    And for debugging issues like this, you should print out the HTTPS response body, as it should contain a more useful error message (such as 'invalid_access_token' or 'expired_access_token'). You may need to refer to the documentation for your network client for information on how to access the response body.

  • Greg-DB's avatar
    Greg-DB
    Icon for Dropbox Staff rankDropbox Staff

    Polas Здравко is correct; new Dropbox access tokens are not persistent. Dropbox is no longer offering the option for creating new long-lived access tokens. Dropbox is switching to only issuing short-lived access tokens (and optional refresh tokens) instead of long-lived access tokens. You can find more information on this migration here.

    Apps can still get long-term access by requesting "offline" access though, in which case the app receives a "refresh token" that can be used to retrieve new short-lived access tokens as needed, without further manual user intervention. You can find more information in the OAuth Guide and authorization documentation. There's a basic outline of processing this flow in this blog post which may serve as a useful example.

     

    And for debugging issues like this, you should print out the HTTPS response body, as it should contain a more useful error message (such as 'invalid_access_token' or 'expired_access_token'). You may need to refer to the documentation for your network client for information on how to access the response body.

  • Здравко's avatar
    Здравко
    Legendary | Level 20

    Polas wrote:

    ...
    I assume it's persistent and I don't need to retrieve it every time I access it

    ...


    Hi Polas,

    That's the mistake of you. In spite some time ago was possible to receive long lived access token, it's not possible anymore. You can still use available long lived access token if you have one (in the way you are trying to), but new one cannot be issued; all new tokens are short lived with validity period 4 hours, at most. For long term access you need refresh token and "refreshing" the access token every time it expires you have long term access access 😉. You can take a look here how you may organize your applications work. Refresh token doesn't expire automatically and alive until explicit revoke from either the application itself or user using your application.

    Hope this helps.

About Dropbox API Support & Feedback

Node avatar for Dropbox API Support & Feedback

Find help with the Dropbox API from other developers.

5,910 PostsLatest Activity: 3 days ago
333 Following

If you need more help you can view your support options (expected response time for an email or ticket is 24 hours), or contact us on X or Facebook.

For more info on available support options for your Dropbox plan, see this article.

If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!