You might see that the Dropbox Community team have been busy working on some major updates to the Community itself! So, here is some info on what’s changed, what’s staying the same and what you can expect from the Dropbox Community overall.
Forum Discussion
cloudlife
8 years agoHelpful | Level 6
Implicit Grant Returns Access Denied unless localhost
Background page: https://blogs.dropbox.com/developers/2013/07/using-oauth-2-0-with-the-core-api/
So I'm trying to use the implicit grant method of login as I have always done before. However, for some reason whenever I change the redirect url from: 'http://localhost:3000/loginredirect/'
to my actual cloudfront url, it stops working.
To be more specific this url when used with the cloudfront url:
https://www.dropbox.com/1/oauth2/authorize?client_id=<app key>&response_type=token&redirect_uri=<redirect URI>&state=<CSRF token> |
Does not show me the Dropbox window asking me to grant access to my app, instead it shows me:
<Code>AccessDenied</Code>
<Message>Access Denied</Message>
Also the loginredirect url for both localhost and cloudfront url is set on the app settings side. Not sure what's wrong, it's worked just fine before...
If you have any tips on what might be happening, it'd be greatly appreciated! Thank you for your time!
- What's the URL of the page where you see the 'AccessDenied' output? That doesn't look like the format for an error from Dropbox. Is it your redirect URI itself? If so, I'm afraid I can't offer much help, as that would be an issue with your page, so you'd have to investigate what's happening there to cause that error.
The access denied url is on my cloudfront loginredirect url. However, there's also a difference in the way it works from Dropbox's side too.
When I'm using the implicit grant from localhost, I actually get a Dropbox page-Request for access to app folder every time I log in. However, when I use the cloudfront redirect url, it skips this page completely going straight to a access denied page.
I don't see why there was a difference in behavior from Dropbox as well.
In addition, I never defined this access denied page. It's also spitting out a RequestId and HostId.
-----------------------
SOLVED: It was an issue with the routing of the loginredirect page and the way it's managed by AWS, since it's a single page application. (To further elaborate just in case someone else runs into the same problem, essentially all urls need to point back to the index.html page. Due to limitations on the implicit grant and running a single page application)
The difference in Dropbox behavior persists even now that it's working. So apparently localhost and real redirect urls are treated differently.
Thanks for trying to help!
- Greg-DBDropbox StaffWhat's the URL of the page where you see the 'AccessDenied' output? That doesn't look like the format for an error from Dropbox. Is it your redirect URI itself? If so, I'm afraid I can't offer much help, as that would be an issue with your page, so you'd have to investigate what's happening there to cause that error.
- cloudlifeHelpful | Level 6
The access denied url is on my cloudfront loginredirect url. However, there's also a difference in the way it works from Dropbox's side too.
When I'm using the implicit grant from localhost, I actually get a Dropbox page-Request for access to app folder every time I log in. However, when I use the cloudfront redirect url, it skips this page completely going straight to a access denied page.
I don't see why there was a difference in behavior from Dropbox as well.
In addition, I never defined this access denied page. It's also spitting out a RequestId and HostId.
-----------------------
SOLVED: It was an issue with the routing of the loginredirect page and the way it's managed by AWS, since it's a single page application. (To further elaborate just in case someone else runs into the same problem, essentially all urls need to point back to the index.html page. Due to limitations on the implicit grant and running a single page application)
The difference in Dropbox behavior persists even now that it's working. So apparently localhost and real redirect urls are treated differently.
Thanks for trying to help!- Greg-DBDropbox StaffThanks for following up. I'm glad you got this sorted out already.
And for reference, yes, in certain cases Dropbox will automatically redirect you through the OAuth flow if you've already authorized the app. It won't do so if you're using a localhost redirect URI. The information sent to the redirect URI don't change based on that though. If you want, you can disable that automatic redirect behavior using force_reapprove=true:
https://www.dropbox.com/developers/documentation/http/documentation#oauth2-authorize
About Dropbox API Support & Feedback
Find help with the Dropbox API from other developers.5,917 PostsLatest Activity: 11 days ago
If you need more help you can view your support options (expected response time for an email or ticket is 24 hours), or contact us on X or Facebook.
For more info on available support options for your Dropbox plan, see this article.
If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!