nav[aria-label="Primary Navigation"] { padding: 0; & ul { list-style: none; width: 100%; display: flex; flex-direction: row; justify-content: start; align-items: start; gap: 30px; padding: 0; & li { margin: 0; } & ul li { list-style: none; } } }

Child Item

OAuth broken (Missing client_id) if force_reauthentication=true

pp111

Hello,

Today it is not possible to authorize an application using OAuth if the parameter force_reauthentication is set to true (force_reauthentication=true)

The same error is displayed with the parameter prompt=login

For example this url:

https://www.dropbox.com/oauth2/authorize?client_id=6m49bsosxta8vpm&state=188620817&response_type=code&force_reauthentication=true&redirect_uri=http://127.0.0.1:35831/&token_access_type=offline&code_challenge_method=S256&code_challenge=omq_TXM9aH8GIlhUx6xT9-D20Ckz6Z46LMrWU2_uOn0

shows the error Missing client_id although the client_id is included in the request.

However, the same url but with force_reauthentication=false works fine:

https://www.dropbox.com/oauth2/authorize?client_id=6m49bsosxta8vpm&state=188620817&response_type=code&force_reauthentication=false&redirect_uri=http://127.0.0.1:35831/&token_access_type=offline&code_challenge_method=S256&code_challenge=omq_TXM9aH8GIlhUx6xT9-D20Ckz6Z46LMrWU2_uOn0

Please check it as soon as possible as the users are not able to link their accounts with our applications.

Find more posts tagged with

API

Abuse

Accepted answers

iNeil

Hi @pp111 and @De L.1,

The engineering team has updated me, and the issue was related to a recent migration.

They’ve informed me that the issue should now be resolved, and you should be able to use the force_reauthentication=true or prompt=login parameter with the Auth URL for the OAuth authorization flow. We appreciate your patience as we worked through this case.

All comments

iNeil

Hello @pp111,

Thank you for bringing this to our attention.

I was able to replicate the issue you're experiencing with the OAuth authorization flow based on the information that you have provided. It appears to occur when the force_reauthentication=true parameter is included in the Auth URL. I've escalated this to our engineering team for further investigation. Once I have an update I will let you know.

In the meantime, as a temporary workaround, please set the force_reauthentication parameter to false in the Auth URL if your user needs to connect to your API app.

Please feel free to let me know if you have any questions, or if there is anything else I can help you with.

De L.1

@iNeil, note that this also applies when using e.g. prompt=login, as this is equivalent to force_reapprove=true. See the Auth URL example in the related topic:

https://www.dropboxforum.com/discussions/101000014/getting-authorization-errors-while-logging-with-php-sdk/831141

pp111

@iNeil, thank you for looking into it.

Please let us know if the engineering team has an estimation on when they can fix the issue (hours, days, weeks...). Our applications are thick Windows and Mac applications that can not implement the workaround easily because it would require to update and install it on thousands of computers.

We are trying to decide if we should wait for Dropbox to fix it, or we should distribute an update with the workaround to all the computers, so any estimation will be very helpful.

iNeil

Hi @pp111 and @De L.1,

De L.1

@iNeil I can confirm that this has been resolved for me. Thank you for your quick response!

pp111

@iNeil thank you! it is working now. I appreciate the quick fix.