Child Item

BadInputError when using OAuth token with "Dropbox-API-Select-Admin" header

We are developing a Django application and are running into a specific API error when trying to act on behalf of a team admin after a successful OAuth2 flow. We would be very grateful for any guidance on what we're doing wrong.

Our Goal:

A superuser on our app (who is also a Dropbox team admin) authorizes our app via OAuth2. We then want to use that token to make API calls as that admin to scan folders within the team's shared space.

The Problem:

The OAuth2 flow works perfectly. We successfully receive an access_token, a refresh_token, and the admin's account_id.

However, when we try to use these credentials to make our first API call, we receive a 400 Bad Request from the API server with the following error:

BadInputError: Error in call to API function "users/get_current_account": Invalid select user id format

Our Environment & Setup:

Platform: Django / Python 3.11.2 / Gunicorn

Dropbox SDK Version: 12.0.2

OAuth2 App Permissions Requested: account_info.read, files.metadata.read, team_info.read, team_data.member, team_data.content.read, members.read, groups.read

The Code That Causes the Error:

The error originates from our utility function that creates the Dropbox client. The credential.team_member_id variable holds the account_id that was returned from the successful OAuth2 flow result.

# From our app's utility file

import dropbox
from .models import DropboxCredential

def get_dbx_client():
credential = DropboxCredential.objects.first()
if not credential:
return None, "Dropbox not connected."

# Manual token refresh logic... (This part works correctly)

try:
# 1. Create a standard Dropbox client with the valid access token.
dbx = dropbox.Dropbox(credential.access_token)

# 2. Set the special header to act on behalf of the admin user.
# This is where the problem seems to be.
dbx._session.headers['Dropbox-API-Select-Admin'] = credential.team_member_id

# 3. THIS is the API call that triggers the BadInputError from the server.
account_info = dbx.users_get_current_account()

# ... rest of logic to set path root, etc. ...

except dropbox.exceptions.BadInputError as e:
# This is the exception we are catching.
return None, f"Dropbox API rejected the request (BadInputError): {e}"
except Exception as e:
return None, f"An unexpected error occurred: {e}"

Our Question:

The error message Invalid select user id format strongly suggests that the account_id we get from the OAuth2 flow is not the correct value or format for the Dropbox-API-Select-Admin header.

What is the correct value we should be using for this header? Is there an intermediate API call we need to make (using the account_id) to get the correctly formatted "select user" ID that this header requires?

Thank you for your time and any help you can provide.

Find more posts tagged with

Comments

Greg-DB

I see you're getting an "Invalid select user id format" error, which indicates that the value you're sending in the "Dropbox-API-Select-Admin" header is not of the expected format. That seems to be coming from your credential.team_member_id variable.

Note that "Dropbox-API-Select-Admin" (and "Dropbox-API-Select-User") expect a "team member ID", not an "account ID". You can find more information on this feature in the documentation here under "Member file access".

It sounds like you're passing in an account_id instead of a team_member_id. You can instead get the team_member_id from a number of endpoints on the API, such as /2/team/members/get_info_v2, which is team_members_get_info_v2 in the Python SDK.