Forum Discussion

Explorer | Level 3

8 years ago

Solved

authorization_code grant running right thru and not asking for App permission.

Greg or moderator - can I post my client ID? https://www.dropbox.com/1/oauth2/authorize?response_type=code&client_id=XXXXXXXXX&redirect_uri=https://dash.dev.crmbuilders.com/dd/authorize&state=s...

API

Greg-DB
8 years ago
Yes, it's safe to post your client ID as long as you don't mind exposing your app name. Client IDs aren't considered secret values.

Anyway, this behavior is expected in some cases. That is, if the user has already authorized the app to access their account, Dropbox may automatically redirect the user to the redirect URI without having them explicitly authorize it again.

If you'd like, you can disable this behavior using force_reapprove=true on /authorize:

https://www.dropbox.com/developers/documentation/http/documentation#authorization

Greg-DB

Dropbox Staff

8 years ago

Yes, it's safe to post your client ID as long as you don't mind exposing your app name. Client IDs aren't considered secret values.

Anyway, this behavior is expected in some cases. That is, if the user has already authorized the app to access their account, Dropbox may automatically redirect the user to the redirect URI without having them explicitly authorize it again.

If you'd like, you can disable this behavior using force_reapprove=true on /authorize:

https://www.dropbox.com/developers/documentation/http/documentation#authorization

mjoyner1
Explorer | Level 3
8 years ago
Greg,

Thank you for shedding some light on this. For some reason, my localhost always forces the reapprove. Thru a strange course of events, we have discovered that we actually have a hostname issue in building the /token redirect and thus........ it doesn't match and no token.

Your answer is awesome and thank you for your exemplary work in this forum.
- Greg-DB
  Dropbox Staff
  8 years ago
  For reference, it is expected that the automatic redirect won't happen in all cases. For example, it will only occur if the redirect URI starts with https://.

About Dropbox API Support & Feedback

Find help with the Dropbox API from other developers.5,972 PostsLatest Activity: 33 minutes ago

If you need more help you can view your support options (expected response time for an email or ticket is 24 hours), or contact us on X or Facebook.

For more info on available support options for your Dropbox plan, see this article.

If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!

Forum Discussion

authorization_code grant running right thru and not asking for App permission.

About Dropbox API Support & Feedback

Related Content

OAuth2 access token request invalid - grant_type expecting \"authorization_code"\

Decryption fails running iOS 14.2

Authorization code flow <AUTHORIZATION_CODE> expiration of offline token access type

ubuntu 23.10 stopped working "isn't running / is already running"

permissions error

Recent Discussions

Create new folder in existing Team Folder

upload file to my dropbox from python script

Request Id: eb653fb08d0e425eb445cc599c6e9e7d

Slow playback when streaming with AVPlayer

Issue in downloading shared files