Dropbox API Support & Feedback
Find help with the Dropbox API from other developers.
We have suddenly seen an influx of the above error occuring for our customers including our own integrations tests (with no changes in code)
I've been looking at the following post, we use PKCE
Any help would be much appreciated.
Thanks
Hi @awb,
Access tokens expire! (~4 hours live) Did you ensure refresh token accompanying the access token and use it on Dropbox client object initialization?
Also, you should ensure when for some reason refresh token cannot work (when some of the cases you described comes up), your code asks the user to link your application anew. So the user will know what exactly predisposes this behavior (its recent activity).
Hope this gives direction.
@awb wrote:
...
Even trying to get a new token with pkce results in the same error.
...
I assume that happens on refresh time (despite you don't point it explicitly; correct me if that's not true). That means user's authorization for your application is canceled somehow (using one of the ways you enumerated already). 🤷 That's it.
There is no need something got changed. Just the granting was canceled. In such a situation new authorization has to be initiated from your application side (when catching such a case). 😉 This is the correct way - nothing else you can do, but just inform your users that after deauthorizing application they will need to authorize anew.
Good luck.
Post the way (code you use to) you authorize your application and initialize the Dropbox client (without keys, secrets, etc.)
@awb First for reference, note that the post you linked to is old and now somewhat out of date. As Здравко noted, new Dropbox API access tokens do now expire, and access tokens and refresh tokens can also still be explicitly revoked. There are different errors for these cases: 'expired_access_token' indicates the token is expired, and 'invalid_access_token' indicates the token is not valid or is revoked.
Here's a slightly more extensive list of ways an access token/refresh token can be revoked:
To answer your specific questions:
In any case, if you are getting unexpected errors, we'll be happy to look into it, but we'd need some more information. In that case, please reply with:
Be sure to redact any access tokens, refresh tokens, or app secrets throughout. Thanks!
Hi @Greg-DB
Screen shot is reecent, I've also tried removing the app and adding again
We have had another customer affected by this,
POST https://api.dropboxapi.com/2/team/features/get_values HTTP/1.1
Authorization: Bearer omitted
User-Agent: omitted/OfficialDropboxDotNetSDKv2/6.37.0.0
Content-Type: application/json; charset=utf-8
Host: api.dropboxapi.com
Request-Id: |39875632-4c7f9ff832916d0c.
Content-Length: 49
{"features":[{".tag":"has_team_shared_dropbox"}]}
HTTP/1.1 401 Unauthorized
Content-Type: application/json
Cache-Control: no-cache
Content-Security-Policy: sandbox allow-forms allow-scripts
Www-Authenticate: Bearer realm="Dropbox-API"
X-Content-Type-Options: nosniff
X-Dropbox-Request-Url: /2/team/features/get_values
Date: Mon, 22 Jul 2024 06:26:36 GMT
Server: envoy
Content-Length: 81
X-Dropbox-Response-Origin: far_remote
X-Dropbox-Request-Id: 7690858d30364e4591fab093c620c3d0
{"error":{".tag":"invalid_access_token"},"error_summary":"invalid_access_token/"}
As mentioned before, everything has been working as expected. So I am assuming that its related to our Dropbox application? I can provide you with the app key if this will help?
Thanks
Ash
Thanks for following up. I'm glad to hear you sorted this out. Yes, for reference, the length of Dropbox access tokens is not guaranteed and may change over time.
Hi there!
If you need more help you can view your support options (expected response time for a ticket is 24 hours), or contact us on X or Facebook.
For more info on available support options for your Dropbox plan, see this article.
If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!