nav[aria-label="Primary Navigation"] { padding: 0; & ul { list-style: none; width: 100%; display: flex; flex-direction: row; justify-content: start; align-items: start; gap: 30px; padding: 0; & li { margin: 0; } & ul li { list-style: none; } } }

Child Item

GET /1/oauth/request_token return 400 error

blink

when I use the API to get token. The dropbox server return 400 error.

The request : GET /1/oauth/request_token HTTP/1.1

The response: HTTP/1.1 400 Bad Request
< Server: nginx
< Date: Fri, 29 Sep 2017 07:01:25 GMT
< Content-Type: application/json
< Transfer-Encoding: chunked
< Connection: keep-alive
< X-Dropbox-Request-Id: 60ddb4f73f25ea5afbf18d538654ef61
< X-Frame-Options: DENY
< Content-Security-Policy: sandbox; frame-ancestors 'none'
< X-Content-Type-Options: nosniff
< Content-Disposition: attachment; filename='error'

Is the oauth 1 expired ?

The API doc said : (https://www.dropbox.com/developers-v1/core/docs)

OAuth 1.0 continues to be supported for all API requests, but OAuth 2.0 is now preferred. Find out more in our OAuth guide

so, I don't know why. last week the process is ok .

Find more posts tagged with

API

Abuse

Comments

Greg-DB

Yes, as announced last year, API v1 has been retired. You can find more information in the blog post here:

https://blogs.dropbox.com/developers/2016/06/api-v1-deprecated/

We notified developers by email, but it sounds like those emails unfortunately did not make it to you.

OAuth 1 was only used by API v1, so it has been retired along with API v1.

Now that API v1 has been retired, further API calls to it will fail. (There is a notice about the general API v1 deprecation at the top of the API v1 documentation.)

You should migrate your app to API v2 instead:

https://www.dropbox.com/developers

API v2 uses OAuth 2, which is documented here:

https://www.dropbox.com/developers/documentation/http/documentation#authorization

If you need more time to migrate your app to API v2, we can offer an extension for access to API v1. To request that, please open an API ticket with the relevant app key(s):

https://www.dropbox.com/developers/contact

blink

Thanks for your reply!

we use V1 oauth , and use API V2 to upload files. this model is ok. The user input dropbox username and password to get Authorization. then we send the URL to the user email. the user open the URL and Authorization. can we use V2 oauth to achieve this model ?

Thanks.

blink

PS: we use oauth v1 to get token. the api :

https://api.dropbox.com/1/oauth/request_token

https://api.dropbox.com/1/oauth/access_token

https://api.dropboxapi.com/1/oauth2/token_from_oauth1

https://www.dropbox.com/1/oauth/authorize?oauth_token=

The user only input dropbox username and password. we will send the Authentication URL to the user email by our device. (our device have no browse). the user open the URL by phone or pc to Authorization our app to access their dropbox.

How can we use oauth 2 to achieve this function . many thanks.

pcworld

I'm in a similar situation. I'm the developer of an app on a platform (webOS) where the Dropbox login page is broken in the native browser. With OAuth 1 I solved this by having the user open the authorization URL on another device, where they only needed to approve the authorization request and the app would start working afterwards.
With OAuth 2 the user needs to additionally transfer the auth token back to the webOS device, which makes it even more complicated for the user. I don't think there's an easier solution with OAuth 2 though.

Greg-DB

@blink For reference, your app should never be directly handling the user's username and password. The user should only ever put those in to the Dropbox web site, e.g., when logging in to the Dropbox web site during the OAuth app authorization flow to authorize the API app. This applies to both API v1 and API v2.

For API v2, which only supports OAuth 2, you should migrate to using OAuth 2 entirely, not OAuth 1. (If you have any remaining OAuth 1 access tokens you need to migrate to OAuth 2 for use with API v2, you should use /2/auth/token/from_oauth1 which is an API v2 endpoint and will continue to work.)

You can find the OAuth 2 documentation here:

https://www.dropbox.com/developers/documentation/http/documentation#authorization

The Dropbox OAuth 2 implementation supports the "token" and "code" flows, which unfortunately don't work as well with the technique of emailing the authorization link to the user to have them authorize the app on another device. This is because the "token" flow requires a redirect URI, and the "code" flow, when used without a redirect URI, requires the user to manually transfer the authorization code somehow, as pcworld mentioned.

If that doesn't work for your app, e.g., if it doesn't have a browser at all, open an API ticket with details about your app and use case and we'll see if there's something we can do to help.

Greg-DB

By the way, if you need more time to migrate your app to API v2, we can offer an extension for access to API v1. To request that, please open an API ticket with the relevant app key(s).

blink

Many Thanks.

we will discuss the solution. and I submit the open an API ticket .

blink

in fact, our app should never be directly handling the user's username and password. our app will send the Dropbox web site URL to the user email. the user open the URL and Authorization to our app. then our app upload the file to the user dropbox.