Greg-DB Dropbox Community Moderator

Dropbox doesn't offer programmatic control over an app's webhook configuration, but I'll be happy to pass this along as a feature request. To clarify though, do you want to be able to enable/disable a webhook URI entirely, or just register/unregister for webhook notifications for a particular user/team?

The /2/files/upload endpoint is a "content-upload" style endpoint, meaning that it expects the raw file data to be uploaded as 'application/octet-stream' in the request body. That being the case, you should send only the file data in the request body, without any additional encoding. I see in your code, for instance, that…

Yes, the change is still planned for September 30, 2021.

While the creation of new long-lived access tokens is now deprecated, we don't currently have a plan to disable existing long-lived access tokens. (If that changes, we will of course announce that ahead of time.) That being the case, you can continue using existing long-lived access token(s) without interruption. Note…

I'll be happy to help with any issues you're having with the Dropbox API, but I'll need some more information. Please reply with: * the name and version number of the platform and SDK/library you are using, if any * the steps to reproduce the issue, including relevant code snippet(s), but don't include any access/refresh…

There doesn't appear to be anything wrong in these lines, but it's possible the header name is getting corrupted elsewhere in the stack, before the value gets to your code.

That header name "X- ropbox-Signature" does look incorrect; it should be "X-Dropbox-Signature". I just tried this myself though, setting up a server to receive Dropbox webhook notifications, and I am receiving the correct "X-Dropbox-Signature" header name, not "X- ropbox-Signature", so there may be something on your…

We've added the ability to supply a DBAccessToken (which can contain a refresh token) directly which is available as of v6.2.0. Please give that a try and let us know if that doesn't work for you. Thanks!

To get nested entries like that, you'll need to set ListFolderArg.Recursive to true when first calling ListFolderAsync.

Thanks for the report. I'll ask the team to fix up that error handling so it returns a proper error in that kind of case.

Thanks for the detailed write-up! Yes, as you found, the Dropbox backend needs to perform some additional work immediately after a folder like this is created. There isn't a great way to check on this programmatically unfortunately, so please add a sufficient delay. I know this is non-ideal and can be slow, so I'll send…

@"fistuk" While the creation of new long-lived access tokens is now deprecated, we don't currently have a plan to disable existing long-lived access tokens. (If that changes, we will of course announce that ahead of time.) That being the case, your users can continue using existing long-lived access token(s) without…

This should be working properly in the latest version of the SDK. Please give that a try and let us know if there are still any issues with that. Thanks!

When migrating a non-scoped app to scopes, the page will automatically select the scopes that match the legacy permission type of the app. (From there you can enable or disable scopes as needed.) For example, for a full Dropbox or app folder app, that will automatically include user scopes but not team scopes, since those…

The Dropbox API offers two different types of access tokens: long-lived and short-lived. Both types can be used to make Dropbox API calls. You can find more information on how the authorization system works in the OAuth Guide. * Long-lived access tokens do not expire automatically, though they can be revoked by the user or…

While the creation of new long-lived access tokens is now deprecated, we don't currently have a plan to disable existing long-lived access tokens. (If that changes, we will of course announce that ahead of time.) That being the case, you can continue using existing long-lived access token(s) without interruption. You are…

The Dropbox API unfortunately doesn't offer the ability to find files by date range like this, but I'll pass this along as a feature request. I can't promise if or when that might be implemented though.

Use of a redirect URI is optional, and you can still request offline access to get a refresh token back without using a redirect URI. When not using a redirect URI, the user would just need to manually copy/paste the authorization code into the app. You can do that like this: First, get the authorization URL, requesting…

Dropbox does offer the ability to programmatically permanently delete files, via the /2/files/permanently_delete endpoint. (That's a link to the documentation for the HTTPS endpoints themselves, but we recommend using one of the official SDKs if possible. Those have corresponding native methods for the HTTPS endpoints.)…

It sounds like the links on your account have been banned. You can find more information on that here.

Individual scopes enable access to functionality relevant to any account. Team scopes enable access to functionality specific to Business teams only. Team scopes can only be authorized by team admins. You can see which scope is required for each endpoint in the API documentation, e.g., for the user endpoints, which require…

No, unfortunately Dropbox does not offer the ability to grant an app/access token access to specific existing folder(s) only, but I'll pass this along as a feature request. I can't promise if or when that might be implemented though. 

I confirmed that https://tonyxu-io.github.io/pkce-generator/ generates a correct code challenge that Dropbox accepts, so it sounds like there's something wrong in the process you were using. It looks like the issue is that the "SHA-256 hash calculator" is presenting the hash with hex encoding, which should not be used in…

Can you elaborate on what you mean when you say "it doesn't work"? What unexpected error or output are you getting?

Yes, Dropbox is in process of migrating all apps to use scopes. This is a backwards compatible migration; scoped apps can use all of the same functionality as non-scoped apps. Scopes just offer more granularity in the control over which functionality you enable for the app. You can find more information on the migration in…

You can contact support for help regarding the state of your account.

That code_challenge value does not appear to be correct for that code_verifier value. I tried plugging "2LORVR1BWsWNkUuLISmv28MR44bYCiq39mU5m8QuzKM" into https://tonyxu-io.github.io/pkce-generator/ as the "Code Verifier" and got a "Code Challenge" of "xkyg5O2AFQ7xMW1A4tJEXhBee-7mOjI3Zf5a_GxuKCc". Also, make sure you're…

You can only specify 'scopes' when using an app that is registered as a "scoped" app. Your app 1 is not scoped, so you can't specify scopes for it. You should migrate it to be a scoped app via the "Permissions" tab of the app's page on the App Console.

[Cross-linking for reference: https://stackoverflow.com/questions/69069412/issue-regarding-list-folder-continue-in-drop-box ] To get entries in subfolders as well, you should set 'recursive: true' when calling /2/files/list_folder. That will apply to subsequent calls to /2/files/list_folder/continue with resulting cursors.

To maintain long-term access, you'll need to request "offline" access, as you're doing, and then supply the app key (the app secret isn't needed since you're using PKCE) and refresh token. As long as you do so, the SDK will handle the refresh process for you automatically. You can find an example of setting the refresh…