You might see that the Dropbox Community team have been busy working on some major updates to the Community itself! So, here is some info on what’s changed, what’s staying the same and what you can expect from the Dropbox Community overall.
Forum Discussion
Jeff B.63
2 years agoCollaborator | Level 8
Get a folders public link using the dropbox API in Azure logic apps
We use Dropbox to store pictures from every jobsite we work on. The estimator puts his pics in the folder for the crews to view and later the crews put their images in the same folder. I have been ...
- 11 months ago
Jeff B.63 wrote:The example in the blog uses curl but I need HTTP. I tried the online conversion tool from GitHub but it just gets syntax errors. ...
Hi Jeff B.63,
You can add -v option (verbose) in every curl command and you'll get entire HTTP request in the console output as is. 😉
Jeff B.63 wrote:... I have my AppKey and AppSecret but what is the authorization code and do I need a redirect URI since I want the response to come right back to the HTTP request?
The authorization code is something you should receive from the authorization page where you (or your application user - whoever is) grant permission to access account resources. It can be copied by hand or received automatic using redirect URI - the choice is yours. So, no, it's not mandatory usage of redirect URI. Take a look here how you can perform the same without redirect URI.
Hope this helps.
Jeff B.63
Collaborator | Level 8
The example in the blog uses curl but I need HTTP. I tried the online conversion tool from GitHub but it just gets syntax errors. I have my AppKey and AppSecret but what is the authorization code and do I need a redirect URI since I want the response to come right back to the HTTP request?
Здравко
11 months agoLegendary | Level 20
Jeff B.63 wrote:The example in the blog uses curl but I need HTTP. I tried the online conversion tool from GitHub but it just gets syntax errors. ...
Hi Jeff B.63,
You can add -v option (verbose) in every curl command and you'll get entire HTTP request in the console output as is. 😉
Jeff B.63 wrote:... I have my AppKey and AppSecret but what is the authorization code and do I need a redirect URI since I want the response to come right back to the HTTP request?
The authorization code is something you should receive from the authorization page where you (or your application user - whoever is) grant permission to access account resources. It can be copied by hand or received automatic using redirect URI - the choice is yours. So, no, it's not mandatory usage of redirect URI. Take a look here how you can perform the same without redirect URI.
Hope this helps.
- Jeff B.6311 months agoCollaborator | Level 8
I just tried the first step in your instructions and the browser returned an error "invalid client id".
Do I need to apply for production on the App or something?
- Jeff B.6311 months agoCollaborator | Level 8
Worked perfectly, Thank you. do I now just use the refresh token as the access token in all of my http calls?
Authorization: Bearer <Refresh token>
- Здравко11 months agoLegendary | Level 20
Jeff B.63 wrote:Worked perfectly, Thank you. do I now just use the refresh token as the access token in all of my http calls?
Authorization: Bearer <Refresh token>
No, no, no,... definitely NO!
Refresh token doesn't replace access token, neither opposite! The refresh token is only used for refreshing (regenerating in fact) access token, nothing more. As I mentioned there (and as seems you skipped) in regular API calls valid access token (non expired - within the timespan as described) should be use. If needed (after currently used token expires), execute the last call in my description before next regular API call. 👆
Hope it's a bit more clear now.
- Jeff B.6311 months agoCollaborator | Level 8
Thank you for your help Здравко, I read your other directions more clearly and it worked great.
My next challenge was how to use the refresh token in my Logic App. After an awful lot of searching, I was able to cobble something together.
For anyone else finding this thread, I will include that information for them below:
- I had to set up blob storage in Azure and set any flows to use a system managed identity with the role of "Storage Blob Data Reader".
- I then set up a new Logic App with a Recurrence Trigger set to 5 mins (or whatever you want) with the role of "Storage Blob Data Owner".
- I added a file to the storage and use that same name throughout, say DBtoken.txt.
- I retrieve the blob metadata and use a condition to check if utcNow() > (LastModified timestamp + 4 hrs).
- False does nothing
- True then runs an HTTP action using the refresh token to get a new 4hr token:
- Then I save the blob back into the storage using the same filename as before - DBtoken.txt
- Now any Logic Apps I want to have access to the Dropbox API can do so by reading the blob and getting the current access token. I'll describe that here:
- Initialize a boolean variable called Token_Expiry
- Retrieve the blob data from the blob storage
- Insert an Until function that runs until Token_Expiry is = to True
- Add a Condition inside the Until that check if utcNow() <= (Last Modified + 4hrs)
- False does nothing
- True has three actions: get blob content, parse json of blob content and sets Token_Expiry to True
- Finally, right after the Until, I initialize a variable to hold the current token and use it in the HTTP Dropbox API actions I have later in the flow.
Maybe there is a simpler way to do this but this is all I could figure out with my very limited knowledge.
- Здравко11 months agoLegendary | Level 20
Hi Jeff B.63,
Congratulations to you for your solution! 🙂 I believe your sharing will help many other people working on the same environment.
There are some imperfections though that push your solution to the border of stability. There is small but real chance some of your API calls to fail authentication! Of course in such a situation the details are important (something I don't know), but in all cases minimizing assumptions in the code is a good idea (they may play bad game 😈).
Jeff B.63 wrote:...
4. I retrieve the blob metadata and use a condition to check if utcNow() > (LastModified timestamp + 4 hrs).
...
When something is NOT guaranteed in any way better don't rely on! Yes, typically access token validity period is 4hr, but again typically NOT mandatory (may be less). I gave it just as example, nothing more. I mentioned in explicit way that validity is denoted in "expires_in" field. You're ignoring this value in favor of assumption! In addition it's good idea to "cut" 2, 3, or 5 mins out from validity period, cosa there are always some delays in token receiving, calculations, etc. - something that accumulates and can... make your check wrong (and you code tries work with just expired token in some cases).
Jeff B.63 wrote:...
7. Finally, right after the Until, I initialize a variable to hold the current token and use it in the HTTP Dropbox API actions I have later in the flow.
...
Hm...🤔 How long is this flow of actions? Is there any chance for your token expiration meantime? Important detail! It's good idea to check for token validity at the beginning of every API call, not at the beginning of flow of calls - just to make the things more secure. Even more in such a way you don't need additional trigger - the call, you're going to do, itself is a trigger. 😉
Good luck to you and all others interested.
- Jeff B.6311 months agoCollaborator | Level 8
Thank you for that input, I will work on that and revise the post. I put the loop in place so that if there was delay in getting the new token the loop would continue until the token was available. But I understand your concerns and will add a reference to the validity period in the blob and use it in the condition instead of just 4 hour minus a few minus of course.
About Discuss Dropbox Developer & API
Make connections with other developers
797 PostsLatest Activity: 2 days agoIf you need more help you can view your support options (expected response time for an email or ticket is 24 hours), or contact us on X or Facebook.
For more info on available support options for your Dropbox plan, see this article.
If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!