Requests fail if client secret isn't added when using the javascript sdk

Question

I'm implementing the pkce flow correctly, I'm creating a dropbox object and adding the app key and refresh token, but when trying to use the check app method it will throw an exception with the error "Error in call to API function "check/app": Invalid authorization value in HTTP header/URL parameter", adding the app secret will solve this issue but I can't do that because I have to ship my app to the user, trying the same app key and refresh token in the c# sdk works and according to posts on the forum this should also work with the javascript sdk, here is my code:const auth = new DropboxAuth();
auth.setRefreshToken("xxxxx");
auth.setClientId("xxxxx");
// auth.setClientSecret("xxxxx");
const dbx = new Dropbox({auth: auth});
try {
    const res = await dbx.checkApp({ query: "test" });
    console.log(res);
} catch (e) {
    console.log(e);
}&nbsp;

Greg-DB · Accepted Answer

This is the expected behavior if attempting checkApp without an app secret; the checkApp method validates the app key and secret by calling /2/check/app which uses "App Authentication", which does require the app key and secret. So, that will fail without the app secret.
If you want to check the validity of the access token, use checkUser instead.

Forum Discussion

Requests fail if client secret isn't added when using the javascript sdk

About Dropbox API Support & Feedback

Related Content

Can't get PKCE access token uses javascript fetch request

Get Access Token JavaScript in fetch

Get file content url from dropboxusercontent domain with javascript

upload file to public file request with javascript

Dropbox throws a javascript error

Recent Discussions

Error creating shared link from API (Python)

Randomness issue coming from dropbox - Facing issue in Image Upload

Embedding Replay works fine, BUT....

Dropbox API randomly unreachable Australia

Direct download link (dl=1) fails for files flagged as malicious by Dropbox