Greg-DB Dropbox Community Moderator

You should implement the OAuth app authorization flow to get an access token, and optionally a refresh token. You can find information on that in the OAuth Guide and authorization documentation.

@"DrMDodd" For the official Dropbox API v2 .NET SDK in C#, you can find an example of getting and using a refresh token in the OauthBasic example (non-PKCE, meant for server-side apps) as well as in the OAuthPKCE example (PKCE, meant for client-side apps). As noted earlier in this thread, the SDK does not offer the ability…

@"marksmithhfx" Thanks for following up with the additional information. The "GET" and "POST" are referring to the HTTP "method" for the HTTP request. Every HTTP request uses one of a number of methods, for various different use cases, with GET and POST being two of the most commonly used ones. The Dropbox /oauth2/token…

@"marksmithhfx" Is that the exact code you're running? It looks correct, and it does work for me when I plug in my values. There may be something about how your client is formatting the request causing it to fail. Perhaps you can share the actual request/response you're getting (just redacting the sensitive values) so I…

@"RohanRaman" Thanks, that's helpful. I'm bringing this up with the right people to ask for that to be updated.

To get a refresh token, you'll need to use the OAuth app authorization flow. It is possible to process this in C#. For the official Dropbox API v2 .NET SDK in C#, you can find an example of getting and using a refresh token in the OauthBasic example (non-PKCE, meant for server-side apps) as well as in the OAuthPKCE example…

@"RohanRaman" Can you share the information they gave to you? For instance, the message they sent and any links/references to the "correct" branding? I'll send it along to the right people on our side. Thanks in advance! (You can also open an API ticket here if you'd prefer to share privately for whatever reason.)

@"Kase_Kuchen" Rich is correct, Dropbox webhooks are a way for third party applications to be notified of changes; they are not a way to create or access files. I recommend reading the Getting Started guide and File Access Guide first.

Dropbox is in the process of switching to only issuing short-lived access tokens (and optional refresh tokens) instead of long-lived access tokens. You can find more information on this migration here. Apps can still get long-term access by requesting "offline" access though, in which case the app receives a "refresh…

For reference, the Dropbox API now also suppresses email notifications when using quiet=true on /2/sharing/add_file_member.

Thanks for following up. Please do let us know if you find anything else. Unfortunately since that endpoint does not expect anything in the request body, I believe attempting to send any such dummy data would cause the call to fail validation. And yes, in any case that we need to intentionally make a breaking change, such…

Thanks for the report! We'll look into it, but we could use a few more pieces of information: * Can you confirm that you are not using an official Dropbox SDK (such as the official Dropbox Objective-C or Swift SDK)? In that case, what network client are you using? * Can you share the relevant code snippet(s) for…

When you download file data from the Dropbox API, the API response will contain the requested data in the response body. Exactly what you do with that data, and how, is up to you and will depend on your environment. That's not part of the Dropbox API and is out of our control, so I can't tell you exactly what you can or…

Engineering is looking into it, but I don't have an update yet. I'll follow up here once I do.

@"TessaP" Здравко is correct, this is something that would need to be supported in rdrop2. You may need to reach out to the developer of rdrop2 for help or an update.

@"Steven_R" Здравко is correct. The 'token_access_type' parameter is only used on /oauth2/authorize, not /oauth2/token. This is unrelated to the app's access type (full Dropbox versus app folder).

1. Dropbox and the Dropbox API don't offer a concept of sharing with an application exactly; sharing takes place across accounts. For example, a user can share a folder with another user. A user can authorize an app to access their account though, which would give the app (as long as it has the "Full Dropbox" access type)…

Yes, it sounds like you have the right handle on this now. For the Dropbox API calls themselves, they should either return a result, or raise some sort of exception (such as an API error, or some network error, etc.). They shouldn't fail silently. It seems that the issue with them failing silently was due to the thread…

Dropbox is in the process of switching to only issuing short-lived access tokens (and optional refresh tokens) instead of long-lived access tokens. You can find more information on this migration here. Apps can still get long-term access by requesting "offline" access though, in which case the app receives a "refresh…

@"Steven_R" We'll be happy to look into this specifically for you. Please open an API ticket here, with the following information: * an affected account ID * a sample HTTP request/response for a failure for that account, including both headers and body for both request and response, but redacting the access token itself *…

@"dropdev" The Dropbox web site does not work exactly the same way as the Dropbox API. The ListFolder[Continue] functionality does not guarantee a particular ordering. Make sure you implement the API calls as documented to make sure you get a correct representation of the listing. You can then apply whatever…

It is not possible to fully automate the OAuth process where the user chooses to authorize the app and the app then receives the resulting access token and optional refresh token. This needs to be done manually by the user at least once. If your app needs to maintain long-term access without the user manually…

What does your GetAuthorizeUri call look like? Your GetAuthorizeUri configuration needs to match your ProcessCodeFlowAsync configuration. For example, if you passed a redirectUri to GetAuthorizeUri, you need to also pass that same redirectUri to ProcessCodeFlowAsync. See this sample code as an example. You mentioned using…

@"Steven_R" As Здравко mentioned, Dropbox is in the process of switching to only issuing short-lived access tokens (and optional refresh tokens) instead of long-lived access tokens. You can find more information on this migration here. Apps can still get long-term access by requesting "offline" access though, in which case…

@"ShiminCai" Yes, as Здравко mentioned, the upload method only officially supports uploading files up to 150 MB in size. For larger files, like the "521.5 mb" file you mentioned, you will need to use "upload sessions".

@"renkoha" Здравко is correct; you'll need to register the domain and then use the Chooser on that domain, such as localhost, not 127.0.0.1.

Thanks for the report! We'll look into it.

@"MarioEM" That version should be sufficient. If you need help confirming anything for your app(s) in particular, please open an API ticket.

Thanks for the report. This should be working again now.

There isn't a way to force a short-lived access token to expire ahead of schedule, but I'll pass this along as a feature request. I can't promise if or when that might be implemented though. So, to test the actual 'expired_access_token' error for any particular short-lived access token, you would need to wait until it…