Forum Discussion

StormDragon_64's avatar
StormDragon_64
Explorer | Level 3
4 years ago

DropboxResponseError: Response failed with a 400 code

I was testing my (on replit) website that uses dropbox for downloads. The website works fine, but when I click the download button, nothing downloads and this appears in the logs:
(BTW this is bash)

DropboxResponseError: Response failed with a 400 code
at /home/runner/Chocolate-Syrup-picker/src/node_modules/dropbox/cjs/src/response.js:34:11
at processTicksAndRejections (internal/process/task_queues.js:95:5) {
status: 400,
headers: Headers {
[Symbol(map)]: [Object: null prototype] {
'cache-control': [Array],
'content-security-policy': [Array],
'x-content-type-options': [Array],
'content-type': [Array],
'accept-encoding': [Array],
date: [Array],
server: [Array],
'content-length': [Array],
'strict-transport-security': [Array],
'x-robots-tag': [Array],
'x-dropbox-response-origin': [Array],
'x-dropbox-request-id': [Array],
connection: [Array]
}
},
error: 'Error in call to API function "files/upload": The given OAuth 2 access token is malformed.'
}

  • Greg-DB's avatar
    Greg-DB
    Icon for Dropbox Staff rankDropbox Staff

    I see that you're getting the error "The given OAuth 2 access token is malformed". This error message should indicate that the access token being provided by the client (generally supplied as a "Bearer" value in the "Authorization" header of the HTTPS request sent by the third party app) is not of a valid Dropbox access token format. When sending the access token, the app needs to send the entire and exact access token unmodified, as it was originally supplied by Dropbox.

     

    Note that Dropbox currently has two types of access tokens: long-lived and short-lived. Long-lived access tokens should be 64 characters long total, while short-lived access tokens start with "sl." and will have more than 64 characters.

     

    I'm not aware of any issues that should currently be causing this error to be returned incorrectly. I also just tried both types of access tokens and they are working correctly for me.

     

    Please check that your app has a full valid access token string loaded, and that it is sending the access token without modifying it. For instance, make sure that there are not stray characters or whitespace added to the access token.

     

    For example, with the Dropbox JavaScript SDK, you supply the access token in the the 'Dropbox' constructor.

    • StormDragon_64's avatar
      StormDragon_64
      Explorer | Level 3

      Greg-DB 

      Does that look good? Also should I be storing the file in the src folder or somewhere else?
      (Also the capital A's were there when dropbox gave me the new token, I think I was just lucky)

      • Greg-DB's avatar
        Greg-DB
        Icon for Dropbox Staff rankDropbox Staff

        That looks like a valid long-lived access token. Can you double check that this is the exact string being used? Can you share the rest of the relevant code where this is used for reference?

         

        By the way, note that access tokens enable access to Dropbox accounts, so for the sake of security, you should never share access tokens like this. I've redacted it from your post, but since this access token has been shared here, you should disable this access token. You can do so by revoking access to the app entirely, if the access token is for your account, here:


        https://www.dropbox.com/account/connected_apps


        Or, you can disable just this access token using the API:


        https://www.dropbox.com/developers/documentation/http/documentation#auth-token-revoke


        Note that doing so will cause any further API calls made using this access token to fail. This cannot be undone, and you would need to get a new access token to replace this one.

About Dropbox API Support & Feedback

Node avatar for Dropbox API Support & Feedback
Find help with the Dropbox API from other developers.5,941 PostsLatest Activity: 2 days ago
351 Following

If you need more help you can view your support options (expected response time for an email or ticket is 24 hours), or contact us on X or Facebook.

For more info on available support options for your Dropbox plan, see this article.

If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!