cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
We are making some updates so the Community might be down for a few hours on Monday the 11th of November. Apologies for the inconvenience and thank you for your patience. You can find out more here.

Dropbox API Support & Feedback

Find help with the Dropbox API from other developers.

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Re: Authorization code flow no longer works?

Authorization code flow no longer works?

Vladimir V.1
Explorer | Level 4
Go to solution

I am posting all required parameters to https://api.dropboxapi.com/oauth2/token but the servers keeps returning a very vague error:

 

REQUEST:

 

POST https://api.dropbox.com/oauth2/token HTTP/1.1
Accept: */*
Content-Type: application/json; charset=utf-8
Content-Length: 221
User-Agent: Adobe Photoshop Lightroom
Host: api.dropbox.com
Cache-Control: no-cache
{"client_id":"algt6407ye2ni5g","client_secret":"[***redacted***]","code":"qNW__3Oy_LgAAAAAAAAJPFofykpnyM-z9TB2CnveLSw","grant_type":"authorization_code","retirect_uri":"lightroom://com.alloyphoto.lightroom.export.dropbox"}

 

RESPONSE:

HTTP/1.1 400 Bad Request
Server: nginx
Date: Wed, 28 Dec 2016 00:37:38 GMT
Content-Type: application/json
Content-Length: 97
Connection: keep-alive
User-Agent: 
X-Dropbox-Request-Id: 5d5f1e75ac3b4712ccf212dd60636603
{"error_description": "No auth function available for given request", "error": "invalid_request"}

In fact, this code worked successfully very recently. Has something been changed? What am I doing wrong? Please help.

 

1 Accepted Solution

Accepted Solutions

Greg-DB
Dropbox Staff
Go to solution

Thanks for the report! The request payload for /oauth2/token is expected to be delivered with a content type of "application/x-www-form-urlencoded", per RFC 6749 Section 4.1.3. It's possible we may have also been accepting "application/json" though. We'll look into it, but in the meantime, you can switch to "application/x-www-form-urlencoded", which I've confirmed is working as expected.

 

Also, for reference, but api.dropbox.com and api.dropboxapi.com are supported for this endpoint.

View solution in original post

7 Replies 7

Vladimir V.1
Explorer | Level 4
Go to solution

Just noticed a typo in the request code (retirect_uri), should be redirect_uri. But it is still not working.

Vladimir V.1
Explorer | Level 4
Go to solution

Next I realized I was hitting the wrong endpoint, needs to be https://api.dropboxapi.com, not https://api.dropbox.com.

Unfortunately I am still getting the same error.

Greg-DB
Dropbox Staff
Go to solution

Thanks for the report! The request payload for /oauth2/token is expected to be delivered with a content type of "application/x-www-form-urlencoded", per RFC 6749 Section 4.1.3. It's possible we may have also been accepting "application/json" though. We'll look into it, but in the meantime, you can switch to "application/x-www-form-urlencoded", which I've confirmed is working as expected.

 

Also, for reference, but api.dropbox.com and api.dropboxapi.com are supported for this endpoint.

Greg-DB
Dropbox Staff
Go to solution
I can't seem to find if/when we accepted JSON on this endpoint. Are you sure this previously worked with that content type?

In any case, x-www-form-urlencoded is the right way to call this. Is that working for you?

Vladimir V.1
Explorer | Level 4
Go to solution

Hi Greg,

I think you are right, I recently updated a large chunk of the code when I migrated my plugin from API v1 to v2. The v2 documentation states that RPC enpoints on the api.dropboxapi.com domain accept arguments as JSON in the request body.  For that reason I made all API calls to submit the payload in JSON, and that is where the code flow stopped working (which I didn't notice immediately). Either the documentation needs to be very explicit about the expected content type of that call, or the backend needs to be updated to accept JSON and thus provide claimed consistency. If I had a choice I'd go for option #2 as there is probably no valid reason for that particular endpoint not to recognize JSON.

 

Anyway, thanks for your prompt attention to this issue, I got the code working by reverting the call to form-urlencoded format.

Greg-DB
Dropbox Staff
Go to solution
Thanks for confirming that. I'm glad to hear this is sorted out.

The OAuth endpoints are a little different than the API endpoints, so I'll ask the team to clarify the documentation at least.

SauravAnand
Explorer | Level 4
Go to solution

Hi Vladimir,

 

Glad to hear about the fix. I'm also working on migration from V1 to V2 API. Can you please provide code block of GetAccessToken() using new end point "https://api.dropboxapi.com/oauth2/token". 

 

That would be really helpful.

Thank you.

Need more support?