You might see that the Dropbox Community team have been busy working on some major updates to the Community itself! So, here is some info on what’s changed, what’s staying the same and what you can expect from the Dropbox Community overall.
Forum Discussion
RTS S.
6 years agoHelpful | Level 6
IOS ASWebAuthenticationSession for OAuth
Previously I used a WKWebView browser control to perform the OAUth. This allowed me to trap the redirect URL to obtain the access code. My redirect URL was http://localhost/Auth Now I am using the ...
- 6 years ago
Thanks, I used the Code flow as it looked more secure.
It would seem that custom URL schemes would be as secure as LOCALHOST ... both of which can only work on the user's device.
Greg-DB
Dropbox Staff
Can you share the full URL of the page displaying the error, as well as the text of the error itself? Thanks in advance!
RTS S.
6 years agoHelpful | Level 6
static let CLIENT_ID = "......" static let CLIENT_SECRET = "...." static let REDIRECT_URL = "myapp://Auth" static let OAUTH_URL = "https://www.dropbox.com/1/oauth2/authorize" override func OAuthURL() -> String { return String(format:"%@?redirect_uri=%@&response_type=code&client_id=%@&force_reapprove=true", DropboxOAuthInfo.OAUTH_URL, HTTP.urlEncode(DropboxOAuthInfo.REDIRECT_URL), DropboxOAuthInfo.CLIENT_ID) }
- RTS S.6 years agoHelpful | Level 6
The image did not get attached ... here it is as a link:
- Greg-DB6 years agoDropbox Staff
Thanks! Based on the code you shared, I see that you're using the "code" flow (i.e., 'response_type=code'). For the code flow, only "https://" is allowed in the redirect URI (unless on localhost), so "myapp://" wouldn't be allowed.
Instead, for client-side applications like this, you should use the "token" flow, i.e., 'response_type=token'. That does allow custom URL schemes in redirect URIs, such as "myapp://".
For more information on how to use the token flow, please refer to the /oauth2/authorize documentation.
- RTS S.6 years agoHelpful | Level 6
Thanks, I used the Code flow as it looked more secure.
It would seem that custom URL schemes would be as secure as LOCALHOST ... both of which can only work on the user's device.
About Dropbox API Support & Feedback
Find help with the Dropbox API from other developers.
5,910 PostsLatest Activity: 3 days agoIf you need more help you can view your support options (expected response time for an email or ticket is 24 hours), or contact us on X or Facebook.
For more info on available support options for your Dropbox plan, see this article.
If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!