We’re encountering a persistent OAuth issue that affects only one user on a Dropbox Business account.
Issue Summary:
- Affected user: Dropbox Business (Standard or Advanced)
- OAuth scopes requested:
files.content.write files.content.read files.metadata.read files.metadata.write account_info.read
- These are individual scopes only—no team scopes are requested.
- The app is private and not listed in the App Center.
What Happens:
- The user successfully reaches the Dropbox OAuth consent screen.
- After clicking "Allow", Dropbox returns a 500 Internal Server Error at this URL:
https://dropbox.com/1/oauth2/authorize_submit
- The error occurs after consent, and Dropbox never redirects back to our app.
What We’ve Established:
- OAuth works for individual Dropbox users.
- OAuth works for other Dropbox Business users, including admins and non-admins.
- App permissions in the Admin Console for "Other Apps" being set to "Block" does not appear to be the issue.
- No use of team-level scopes.
- The affected user removed and reauthorized the app.
- We replicated the flow in Dropbox Advanced with other team users and couldn’t reproduce the issue.
Request for Help:
We’d appreciate any insights into:
- Why a 500 error might occur at /1/oauth2/authorize_submit for one user only.
- Whether this could be related to team configuration or a Dropbox-side authorization issue.
- Any Dropbox-side logs or tools that could help investigate this issue.
We’re happy to provide HAR files, timestamps, or other technical details.
Thanks in advance!