We're making changes to the Community, so you may have received some notifications - thanks for your patience and welcome back. Learn more here.
Forum Discussion
C# Dropbox.API File Upload Errors
I'm using the most recent NuGet package for my VS 2019 project. My app has worked consistently for several years now. But recently I have logged errors when invoking the client.Files.UploadAsync() me...
Yes, for the official Dropbox API v2 .NET SDK, you can find an example of using the new authorization functionality in the OauthBasic example (non-PKCE, meant for server-side apps) as well as in the OAuthPKCE example (PKCE, meant for client-side apps).
Greg-DB
Dropbox Staff
Dropbox StaffYes, that "Could not create SSL/TLS secure channel" error indicates this is due to a problem establishing the secure connection between your client and the Dropbox API servers. Specifically,
Additionally, technically unrelated to the TLS issue, Dropbox is in the process of switching to only issuing short-lived access tokens (and optional refresh tokens) instead of long-lived access tokens. You can find more information on this migration here.
Apps can still get long-term access by requesting "offline" access though, in which case the app receives a "refresh token" that can be used to retrieve new short-lived access tokens as needed, without further manual user intervention. You can find more information in the OAuth Guide and authorization documentation.
For reference, while the creation of new long-lived access tokens is now deprecated, we don't currently have a plan to disable existing long-lived access tokens. (If that changes, we will of course announce that ahead of time.) That being the case, you can continue using existing long-lived access token(s) without interruption, if you have any. Also, note though that after the change you won't be able to create new long-lived access tokens.
While the change began on September 30th 2021, we're releasing it gradually, so you may not have seen your app(s) affected until now. Once it applies to your app, it would apply regardless of the "Access token expiration" setting for your app, and that setting may no longer be available for your app.
Thanks for all of the info! Very insightful. Now since I am using the Dropbox.API NuGet package, could you point me to any examples of tokenization using the "new" mechanism that's being rolled out?
- Greg-DB
Yes, for the official Dropbox API v2 .NET SDK, you can find an example of using the new authorization functionality in the OauthBasic example (non-PKCE, meant for server-side apps) as well as in the OAuthPKCE example (PKCE, meant for client-side apps).
I downloaded the SDK and compiled the OAuthPKCE project. Apparently invoking the HttpListener.Start() method requires elevated privileges. Getting an Error Code: 5 - Access Denied. I'll try to ferret out the logic behind the sample code and implement it outside of the mechanism used in the sample project. Since my client-side app is a basic Click Once deployment that runs at the user level. And our endusers definitely don't have local admin rights to their PC's. 😀
Also, reviewing the sample projects, it appears as if when a token has expired the routine to acquire a new one is invoking a web browser window in order to complete the OAuth process? So every 4 hours an enduser would be guided through that process, correct? The app I have is used for uploading scanned documents from dedicated endusers. These endusers have the app up all of the workday and are scanning multiple documents. So worst-case a few times a day they would have to run through the OAuth process again? I realize if I just work with the raw API I could likely use static App Authentication (https://www.dropbox.com/developers/reference/auth-types) and forego the entire OAuth process if push came to shove...
- Greg-DB
No, when requesting "offline" access, the app receives a "refresh token" that can be used to retrieve new short-lived access tokens whenever, without manual user interaction (that is, the user doesn't need to repeatedly re-authorize the app once the app has the refresh token). The .NET SDK will perform that refresh process (getting new short-lived access tokens) automatically for you.
