2025 sparked some incredible conversations across our community 👩💻. Discover the highlights and see what’s ahead in 2026.
Forum Discussion
Dropbox .net SDK, automatic refresh of access token not working
Hi there,
I'm using the latest (6.22.0) version of the .net API. However it seems that the access token is not being automatically refreshed causing a bad request error to be thrown when I try ...
I've noticed that calling the method RefreshAccessToken(ScopeList) on the Dropbox client also results in a BadRequest error. Currently there seems to be no way to resolve this without sending the user right back through the whole OAuth2 authentication process.
There are also no error details provided with the BadRequest error, but reauthenticating causes everything to start working again.
I've managed to debug into the .net source code and the error returned by the DropBox API is "No auth function available for given request". It seems that the SDK does not have the facility to pass on the data retrieved from the API, once it fails to pass EnsureSuccessStatusCode() it will simply return the status code with no additional data.
public async Task<string> GetAccessToken(string LicenseServerAddress = null) { try { // Short lived ID that allows us to identify ourselves to the casoftkeywebsite string SessionID = Guid.NewGuid().ToString("N"); var redirect = DropboxOAuth2Helper.GetAuthorizeUri(OAuthResponseType.Code, AppKey, RedirectUri, SessionID, false, false, null, false, TokenAccessType.Offline, ScopeList, IncludeGrantedScopes.None, null); // Take the user through authentiation Process.Start(redirect.ToString()); string ServerAddress = null; // Get the code from casoftkey, we store them there after authentication if (!string.IsNullOrEmpty(LicenseServerAddress)) { ServerAddress = LicenseServerAddress; } else { ServerAddress = m_engine.BorregoEngine.GetCCConfigFileValue("LicenseServerAddress"); } Root6LicensingRestClient Client = new Root6LicensingRestClient(ServerAddress); var TokenResult = await Client.GetToken("ContentAgent", "!~P8+AF<,v$/z~Mp"); if (!string.IsNullOrEmpty(TokenResult.error)) { if (!string.IsNullOrEmpty(TokenResult.error_description)) { return TokenResult.error + " : " + TokenResult.error_description; } return TokenResult.error; } Client.SetAuthenticationToken(TokenResult.access_token); ServerResult<DropboxOAuth2Info> result = null; int Timeout = 60; // 60 seconds to get the code response int TimeoutCounter = 0; do { TimeoutCounter++; result = await Client.GetDropboxCode(SessionID); System.Threading.Thread.Sleep(1000); } while ((result == null || result.Data == null) && TimeoutCounter < Timeout && result.OperationResult != enDatabaseOperationResult.Error); if (result !=null) { if (result.OperationResult == enDatabaseOperationResult.Error) { return "Error retrieving Dropbox code: " + result.error; } } else if (TimeoutCounter >= Timeout && (result == null || result.Data == null)) { return "Timed out waiting for the user to authenticate with Dropbox"; } OAuth2Response CodeResponse = null; if (result.Data.SessionID == SessionID) { CodeResponse = await DropboxOAuth2Helper.ProcessCodeFlowAsync(result.Data.Code, AppKey, AppSecret, RedirectUri); Settings.AccessToken = CodeResponse.AccessToken; Settings.RefreshToken = CodeResponse.RefreshToken; if (CodeResponse.ExpiresAt != null) { Settings.AccessTokenExpiry = (DateTime)CodeResponse.ExpiresAt; } else Settings.AccessTokenExpiry = DateTime.MinValue; Settings.UID = CodeResponse.Uid; } else { return "SessionID did not match the ID we submitted"; } } catch (Exception e) { return e.Message; } return null; }This is the code I am using to authenticate with Dropbox, maybe I am doing something wrong here?
I've managed to sort the issue. Debugging through the SDK source code, I could see that I wasn't setting the AppSecret, though from the comments in the SDK, it appears that this is not critical. However when I changed the code I use to create the Dropbox client and used the overload that includes the AppSecret, the SDK was able to retrieve a refresh token.
It would be useful if the proper error messages received from the server is returned from the API call. For example when the RefreshAccessToken method is called in the DropboxRequestHandler, the call to response.EnsureSuccessStatusCode() (on line 288) throws an exception which causes the method to only return the basic information, in this case BadRequest provided by that exception. Instead, what you really should be doing is creating some custom code to handle a non Success status code then if possible, you need to be parsing the Content of the response like you do for a successful request i.e. var json = JObject.Parse(await response.Content.ReadAsStringAsync()) which will then provide you with additional error information that you can pass on to the user which will at least give them a clue, in my case it was the "No auth function available for given request" message which provided a bit of a clue.
For example, something a bit like this.....
string Error = null; try { response.EnsureSuccessStatusCode(); } catch (Exception ex) { Error = ex.Message } var json = JObject.Parse(await response.Content.ReadAsStringAsync()); if (!string.IsNullOrEmpty(Error) { // Do something with the decoded json data and then maybe throw a new exception with this data } if (response.IsSuccessStatusCode) { var json = JObject.Parse(await response.Content.ReadAsStringAsync()); string accessToken = json["access_token"].ToString(); DateTime tokenExpiration = DateTime.Now.AddSeconds(json["expires_in"].ToObject<int>()); this.options.OAuth2AccessToken = accessToken; this.options.OAuth2AccessTokenExpiresAt = tokenExpiration; return true; } return false;Also, since in this case it was the lack of AppSecret that was causing the issue, an error reflecting this would be very useful.
About Dropbox API Support & Feedback
Find help with the Dropbox API from other developers.
