Child Item

Started getting 401/Unauthorized for request_token in last 12 hours

Hi guys, in the last 12 hours all my customers started getting a 401/Unauthorized when my WordPress plugin makes it's call to request_token ( https://api.dropbox.com/1/oauth/request_token)

From the documentation it says that the 401 is returned when you have a stale access token - but I'm getting it when trying to get the request_token..

This code hasn't changed for many months and is not working across many different machines so it appears something has changed on the server but I'm not sure what.

Does anyone have any suggestions? Thanks

Bob

Find more posts tagged with

API

Abuse

Comments

Brian S.103

We are seeing the same thing. Is the oauth1 flow deprecated?

Francisco J. M.

Same problem here, I did some research on the blog and status sites and no notice about deprecating the OAuth1 flow anywhere. Asked on twitter as well and no response.

Greg-DB

Thanks for the reports! We're looking into it. Meanwhile, this seems to only affect HMAC-SHA1 signing, so if you can, switch to using PLAINTEXT:

https://www.dropbox.com/developers/blog/20/using-oauth-in-plaintext-mode

Andrew S.96

This is effecting us pretty badly right now too.

Artifex I.

This is affecting us really badly too.

Can you please post about the outage on https://twitter.com/DropboxSupport ? Trying to switch our iOS app over to plaintext and getting that through Apple review isn't a great workaround :-(

Greg-DB

Thanks for the additional reports. We have a fix for this and should be deploying it later today.

Greg-DB

This should be fixed now. Please let us know if you're still seeing any issues.

Bob R.27

It's working for me. Thanks!

Bob

Wappwolf I.

Hi,

We also have this issue.

When trying to get a request_token using

https://api.dropboxapi.com/1/oauth/request_token

The code hasn't changed since 1 year.

Greg-DB

Please open an API ticket with a sample request and response so we can look into it:

https://www.dropbox.com/developers/contact

L. Joey

Hi Sir,

We also have same issue as calling request_token.

We already opened one ticket to you, please help to check. Many thanks!

Doug C.22

When you say it should be fixed do you mean if we re-implement with the oauth1.0 path???

Greg-DB

Doug, I'm not sure if I understand your question. This issue was only affecting apps already using OAuth 1, with HMAC-SHA1 signing in particular. The fix should have resolved the issue for these apps without requiring the apps to be updated.

If you're seeing any unexpected errors, please open an API ticket with the details so we can look into it specifically:

https://www.dropbox.com/developers/contact