One month down in 2025: How are your resolutions coming along? Check out how to get back on track here.
Forum Discussion
mjoyner1
8 years agoExplorer | Level 3
authorization_code grant running right thru and not asking for App permission.
Greg or moderator - can I post my client ID?
The above with the correct Client ID runs right to the redirect_uri without asking for permission. On my local development environment, it works fine with the localhost redirect. This is our staging server.
If I take out the redirect URI, it will ask for App Approval, if I put it in, it runs right thru.
Yes, it's safe to post your client ID as long as you don't mind exposing your app name. Client IDs aren't considered secret values.
Anyway, this behavior is expected in some cases. That is, if the user has already authorized the app to access their account, Dropbox may automatically redirect the user to the redirect URI without having them explicitly authorize it again.
If you'd like, you can disable this behavior using force_reapprove=true on /authorize:
https://www.dropbox.com/developers/documentation/http/documentation#authorization
- Greg-DB
Dropbox Staff
Yes, it's safe to post your client ID as long as you don't mind exposing your app name. Client IDs aren't considered secret values.
Anyway, this behavior is expected in some cases. That is, if the user has already authorized the app to access their account, Dropbox may automatically redirect the user to the redirect URI without having them explicitly authorize it again.
If you'd like, you can disable this behavior using force_reapprove=true on /authorize:
https://www.dropbox.com/developers/documentation/http/documentation#authorization
- mjoyner1Explorer | Level 3
Greg,
Thank you for shedding some light on this. For some reason, my localhost always forces the reapprove. Thru a strange course of events, we have discovered that we actually have a hostname issue in building the /token redirect and thus........ it doesn't match and no token.
Your answer is awesome and thank you for your exemplary work in this forum.
- Greg-DB
Dropbox Staff
For reference, it is expected that the automatic redirect won't happen in all cases. For example, it will only occur if the redirect URI starts with https://.
About Dropbox API Support & Feedback
Find help with the Dropbox API from other developers.5,941 PostsLatest Activity: 44 minutes ago
If you need more help you can view your support options (expected response time for an email or ticket is 24 hours), or contact us on X or Facebook.
For more info on available support options for your Dropbox plan, see this article.
If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!