Greg-DB Dropbox Community Moderator

@"steve_r" No, the Dropbox API doesn't offer a constant for the root like that, but I'll pass this along as a feature request. I can't promise if or when that might be implemented though. Note that the root namespace ID can change though, so while you can cache the value so you don't have to look it up each time, be aware…

You should implement the OAuth app authorization flow to let your end-user(s) (in this case, your client) connect their Dropbox account, rather than have them register their own app. It is not possible to get a refresh token (i.e., for long-term access) without doing so. For reference, we do not recommend having end-users…

@"nitish166" Здравко is correct; refresh tokens don't expire by themselves, so you should store and re-use them, instead of starting the app authorization flow each time.

This appears to be related to Google's browsing protections, not the Dropbox API itself. Please refer to Google's resources for help, such as: https://developers.google.com/search/docs/advanced/security/social-engineering

@"simatec" Whether using the old long-lived access tokens, or new short-lived access tokens/refresh tokens, 'redirect_uri' is optional when you're using 'response_type=code' (such as for the standard code flow for server-side apps, or PKCE flow for client-side apps). When it is omitted, the user is presented with the…

Thanks for following up. I'm glad to hear you were able to resolve the exception. I'm not sure I understand your follow up questions though. Can you clarify? Thanks!

@"simatec1976" Thanks for the information. I'm sending this along as a feature request for the ability to get a refresh token via the Generate button on the App Console, but I can't promise if or when that might be implemented. For reference, we do not recommend having end-users create/register apps themselves on Dropbox…

The Dropbox API offers the ability to programmatically remove members from a team via the /2/team/members/remove endpoint: https://www.dropbox.com/developers/documentation/http/teams#team-members-remove By the way, that's a link to the documentation for the HTTPS endpoints themselves, but we recommend using one of the…

A TaskCanceledException can occur if the connection times out. How much data are you attempting to upload in the UploadSessionStartAsync itself? That is, in your "stream" variable? (You mentioned you're attempting to upload a file larger than 150 MB; you should only be sending a part of that in each request though, e.g.,…

[Cross-linking for reference: https://stackoverflow.com/questions/71549526/downloading-file-from-dropbox-dropbox-api ] Thanks for sharing the resolution. I'm glad to hear you already got this sorted out.

@"simatec" Thanks for the note. You'll need to update your app to use refresh tokens if it needs to maintain long-term access without manual user intervention. You can find more information on this migration here, and you can find more information about this functionality in the OAuth Guide and authorization documentation.

Thanks for the report. This doesn't seem to reproduce for me though, so can you share: * the version number of the Python SDK you're using * the rest of the relevant code, e.g., how you're building your 'Dropbox' client object (but don't include your access/refresh token) * a sample 'path' value * several sample request…

In this snippet, it looks like you're just passing in an access token string as that ACCESS_TOKEN variable. That constructor is for supplying just an access token. To use a refresh token, you would use the DbxClientV2​(DbxRequestConfig requestConfig, DbxCredential credential) constructor (where the refresh token is in the…

Yes, that's correct. The SDK client knows how to use the credentials (refresh token, app key, and for the non-PKCE case, app secret) to automatically perform the refresh process whenever needed, so that calls continue to work.

To clarify, once you have a refresh token, the process to get a new short-lived access token when the previous short-lived access token is expired is entirely programmatic and does not require manual user interaction. In fact, the SDK will do it for you automatically in the background. (You can call…

It is not possible to fully automate the OAuth process where the user chooses to authorize the app and the app then receives the resulting access token and optional refresh token. This needs to be done manually by the user at least once. If your app needs to maintain long-term access without the user manually…

I'm not sure I follow. Dropbox provides these API calls/methods for performing whatever operations the third party app (your app) needs to perform, but it's up to the third party app to build and show its UI to the end-user, allow them to perform actions and provide input, and use its logic to determine what calls to make…

Thanks for following up. I'm glad to hear you got this working. Yes, I've asked the team to add that example to the documentation.

As in your previous thread, the UploadAsync method is for uploading a file (whether a new file or a new version of an existing file). If you want to rename an existing file you should use MoveV2Async instead. Additionally, if you want to duplicate, that is, make a copy of, an existing file, you can use CopyV2Async instead.…

I see you also opened a new thread for this, so I'll follow up with you there.

@"Acey1" It sounds like you're using the "Generate" button on the app's page on the App Console to create a new access token. Note that this now only creates "short-lived access tokens", which do expire after a short period of time. Also, note that if you leave or refresh that page, the previous access token will no longer…

Dropbox does offer an API you can use for listing, uploading, and downloading files, among other operations. You can find everything you need to get started with the Dropbox API, including documentation, tutorials, and SDKs here: https://www.dropbox.com/developers Specifically, to upload files, you can use /2/files/upload…

Thanks for the context. The underlying issue in this case may be different though. Also unfortunately sometimes request IDs are not sufficient (depending on the nature of the failure and some details of how the backend works). While we're looking into some errors on this endpoint we want to make sure we're identifying…

Yes, the PKCE flow in particular is a version of the OAuth 2 authorization flow that doesn't require the app secret, meant for client-side apps where an app secret can't be kept secret. It does so by using a 'code_challenge' on the /oauth2/authorize step and corresponding 'code_verifier' on the following /oauth2/token…

@"lizat" Здравко is correct, the Embedder documentation is the official reference for information on setting up and configuring the Embedder.

Thanks for the report! This looks like it may be a bug on our side. We'll look into it and I'll follow up here with any updates.

Dropbox is in the process of switching to only issuing short-lived access tokens (and optional refresh tokens) instead of long-lived access tokens. You can find more information on this migration here. Apps can still get long-term access by requesting "offline" access though, in which case the app receives a "refresh…

We'll need to look into this further. Can you please open an API ticket and include: * Does it work successfully if you retry a failed call? * What's the affected app name or key? (Don't share any app secret, access token, or refresh token though.) * What account ID(s) are affected? Thanks in advance!

The UploadAsync method is for uploading a file (whether a new file or a new version of an existing file). If you want to rename an existing file you should use MoveV2Async instead. That takes a fromPath for the existing path (including file name) of the existing file to move or rename, and toPath for the new path…

This is the forum for the Dropbox API, but it sounds like your question is more about general software design, so it may be better suited in a general programming forum instead.