You might see that the Dropbox Community team have been busy working on some major updates to the Community itself! So, here is some info on what’s changed, what’s staying the same and what you can expect from the Dropbox Community overall.
Forum Discussion
Zoë
9 years agoExplorer | Level 3
Redirect URI with variable loopback port
Is there any way to register an OAuth2 redirect URI that will support using an unreserved (random) port over loopback/localhost? For desktop applications that might not be installed system-wide (e.g...
- 9 years ago
I'm afraid I don't have a great solution for you, as OAuth 2 redirect URIs for the Dropbox API are required to be pre-registered exactly. I'll be sure to pass this along as feedback though.
One thing you may be able to do instead is to use one static redirect URI but encode the necessary information in the 'state' parameter, and decode it as necessary after the redirect back to your app, to handle it as necessary:
https://www.dropbox.com/developers/documentation/http/documentation#authorizationAlternatively, you could forgo using a redirect URI entirely. With the "code" flow, you can omit redirect_uri and have the user copy and paste the code manually. (Or, for the "token" flow, you can use https://www.dropbox.com/1/oauth2/display_token as the redirect URI and have the user copy and paste the access token.)
cspro
Explorer | Level 4
I'd like to upvote the ability to have an arbitrary port in the redirect_uri. This could be allowed only for localhost.
Without this, I don't see how we can move from doing oauth in an embedded browser window to using the system default browser as is recommended. It isn't possible to know what port will be free on a client system so that needs to be done at runtime.
If you look at the google oauth examples (https://github.com/googlesamples/oauth-apps-for-windows) they use a random port. From all of the Dropbox examples I've seen you use a fixed port which is inevitably going to fail on someones machine.
Skipping the redirect URI and having the user cut and paste the code is a non-starter for us. Our users would be very unhappy.
Without this, I don't see how we can move from doing oauth in an embedded browser window to using the system default browser as is recommended. It isn't possible to know what port will be free on a client system so that needs to be done at runtime.
If you look at the google oauth examples (https://github.com/googlesamples/oauth-apps-for-windows) they use a random port. From all of the Dropbox examples I've seen you use a fixed port which is inevitably going to fail on someones machine.
Skipping the redirect URI and having the user cut and paste the code is a non-starter for us. Our users would be very unhappy.
Greg-DB
7 years agoDropbox Staff
Thanks for the feedback! I'll send it along to the team.
- qedi7 years agoNew member | Level 2
I'm encountering the same problem, I tested many other sources like Google, Salesforce, Twitter, they all support variable port for localhost. This is very useful when changing embedded browser to system browser.
- nicocizik4 years agoNew member | Level 2
I know this is an old thread but is there any update on this? Does the Dropbox API support variable localhost loopback ports or are we still forced to have our users copy/paste a code or guess a random unused port when the app is registered?
Thanks
About Dropbox API Support & Feedback
Find help with the Dropbox API from other developers.
5,913 PostsLatest Activity: 5 hours agoIf you need more help you can view your support options (expected response time for an email or ticket is 24 hours), or contact us on X or Facebook.
For more info on available support options for your Dropbox plan, see this article.
If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!