Forum Discussion

Helpful | Level 5

2 years ago

Authentication to dropbox

1. I am developing an application, which will have about 4-6 users with different email addresses.

2. Then I have created a dropbox app and scope is the application folder (from this account)

3. So I did the part where you get the code, from there it is redirected to here --> http://localhost:5000/auth/dropbox-redirect?code=<generated-code>

4. However, i get an error.... this endpoint is the server side and the running code is this (ocalhost:3000/dashboard - is frontend)

const dbxRedirect = async (req, res, next) => {

try {

const { code, state } = req.query;

console.log(`code:${code}`);

const redirectUri = `https://dropbox.com/oauth2/authorize?response_type=code&client_id=${process.env.DBX_APP_KEY}&redirect_uri=http://localhost:3000/dashboard&token_access_type=legacy`;

try{

let token = await dbx.auth.getAccessTokenFromCode(redirectUri, code);

// store token and invalidate state

req.session.token = token;

console.log(token);

mycache.del(state);

res.send(token);

}catch(error){

console.log(error);

return next(error);

}

};

DropboxResponseError: Response failed with a 400 code
at D:\GitHubProjects\docMgtSys\document-management-system\node_modules\dropbox\cjs\src\response.js:34:11
at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
at async dbxRedirect (D:\GitHubProjects\docMgtSys\document-management-system\controllers\auth-controller.js:136:26) {
status: 400,
headers: Headers {
[Symbol(map)]: [Object: null prototype] {
'content-security-policy': [Array],
'content-type': [Array],
'accept-encoding': [Array],
date: [Array],
server: [Array],
'content-length': [Array],
'x-dropbox-response-origin': [Array],
'x-dropbox-request-id': [Array],
connection: [Array]
}
},
error: {
error: 'invalid_request',
error_description: 'unknown field "token_access_type"'
}
}
DropboxResponseError: Response failed with a 400 code
at D:\GitHubProjects\docMgtSys\document-management-system\node_modules\dropbox\cjs\src\response.js:34:11
at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
at async dbxRedirect (D:\GitHubProjects\docMgtSys\document-management-system\controllers\auth-controller.js:136:26)

API

Greg-DB
2 years ago
Tshaniii Also, since you're using the Dropbox JavaScript SDK, you shouldn't manage those URL parameters directly anyway. You would use the getAuthenticationUrl method to build your authorization URL.

And you shouldn't be passing the /oauth2/authorize authorization URL to getAccessTokenFromCode. That method takes your redirect URI and the authorization code. From what you shared, your redirect URI is "http://localhost:5000/auth/dropbox-redirect".

You can see an example of using this method here.

Здравко
Legendary | Level 20
2 years ago
Tshaniii wrote:
...
const redirectUri = `https://dropbox.com/oauth2/authorize?response_type=code&client_id=${process.env.DBX_APP_KEY}&redirect_uri=http://localhost:3000/dashboard&token_access_type=legacy`;
...
error: {
error: 'invalid_request',
error_description: 'unknown field "token_access_type"'
}
...
Hi Tshaniii,
Hm..🤔 Yes, there is no such type of access token literal. 'legacy' is something assumed by default! In particular 'legacy' is the same like 'online' (but might change at some point in the future; as has been different thing in the past). Take a look in documentation what 'token_access_type' can be. As is mentioned there, it's either 'online' or 'offline'; no other literal is allowed.
Hope this helps.

PS: One more note about your 'redirectUri'! As assigned it's not a redirect URI; it's URL that you should redirect your users to authorize your application (grant access to their accounts data). The redirect URI is part of this URL!
Greg-DB
Dropbox Staff
2 years ago
Tshaniii Also, since you're using the Dropbox JavaScript SDK, you shouldn't manage those URL parameters directly anyway. You would use the getAuthenticationUrl method to build your authorization URL.

And you shouldn't be passing the /oauth2/authorize authorization URL to getAccessTokenFromCode. That method takes your redirect URI and the authorization code. From what you shared, your redirect URI is "http://localhost:5000/auth/dropbox-redirect".

You can see an example of using this method here.
- Tshaniii
  Helpful | Level 5
  2 years ago
  Thank you very much Greg-DB & Здравко ! Got it done 🙂

About Dropbox API Support & Feedback

Find help with the Dropbox API from other developers.

5,877 PostsLatest Activity: 12 months ago

If you need more help you can view your support options (expected response time for an email or ticket is 24 hours), or contact us on X or Facebook.

For more info on available support options for your Dropbox plan, see this article.

If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!

Forum Discussion

Authentication to dropbox

About Dropbox API Support & Feedback

Related Content

Compromised Account: changed password and authentication method.

Upload a file on dropbox using a direct https link without authentication on the front

Lost phone with Google authenticator and couldn't sign in now

Multi-factor authentication doesn't work the way I want it to.

Dropbox Business authentication timeout settings in Word.

Recent Discussions

get_shared_link_metadata API problem with the new '/scl' folder links.

Trying to download a file, but no file is being downloaded.

Dropbox internal error occured - Resolution

How to add the entire team to team folder by api

API Upload .HEIC and convert to JPG