Need to see if your shared folder is taking up space on your dropbox 👨💻? Find out how to check here.
Forum Discussion
Solved
Error when adding team members to an initally created team folder via http endpoint
I'm making REST calls to the DBX HTTP endpoint from within SAP. My app has full dbx access and all possible rights. Creating a team folder works flawlessly but when trying to add members to that fol...
1575475 Apologies for the lack of clarity here. For team folders in particular, you need to add members via groups; you can't add them individually. I'll ask the team to see if we can clarify this in the documentation and error response.
For example, you would set the "members" parameter like:
"members":[{"member":{".tag":"dropbox_id","dropbox_id":"GROUPIDHERE"}}]You can get group IDs from /2/team/groups/list, etc.
Greg-DB
Dropbox Community Moderator
Dropbox Community Moderator1575475 It looks like you have the right idea. And for reference, here's a curl example of calling /2/sharing/share_folder with the 'Dropbox-Api-Select-Admin' header specified: (built using the API v2 Explorer)
curl -X POST https://api.dropboxapi.com/2/sharing/share_folder \
--header 'Authorization: Bearer <ACCESS_TOKEN>' \
--header 'Content-Type: application/json' \
--header 'Dropbox-Api-Select-Admin: <TEAM_MEMBER_ID>' \
--data '{"path":"<PATH>"}'That works for me, when I plug in valid values.
The popup is presented by your platform though, so I can't offer insight on why that is being shown. As Здравко suggested, you'll want to enable more verbose output if possible to see what exactly the code is/isn't setting properly, and refer to your platform's support/documentation for information on controlling that.
If the issue is only occurring when you attempt to set the "Dropbox-API-Select-Admin" header, you may also want to try debugging that in particular, e.g., make sure that the header name and value are formed properly and don't contain any stray characters/whitespace, etc. Perhaps something like that is malforming the header values you're attempting to set and then causing your platform to default to prompting for basic credentials, or something to that effect.
Hi Greg, hi Sdrawko,
many thanks for your most valuable help. Indeed, the source of the popup was our SAP system and I was able to rectify the problem.
So, please excuse my ignorance by thinking that had been a DBX issue 🙂
But - as the API call seems to work in principle - I'm getting another error:
{"error_summary": "no_permission/
", "error": {"
tag": "no_permission"}, "user_message": {"locale": "de", "text": "Sie sind nicht berechtigt, diese Aktion durchzuf\u00fchren
"}}
Translation: Sie sind nicht berechtigt, diese Aktion durchzuf\u00fchren -> You're not authorized to perform this action
I've no clue why I'm getting this error. I'm admin and also have reauthorized my app after updating the app permissions. (BTW this wasn't mentioned in the documention, but I've found a thread in this forum regarding that issue.)
Also, since I've created this folder via REST call "/2/team/team_folder/create"
I should be owner of the folder and have all the rights. And, again, my app has all permission checkboxes ticked.
How should I proceed?
Thank you and best regards,
Jan
Hi 1575475,
The action, you are trying, seems not granted to you (your access token) for some reason. The translation "berechtigt"->"authorized" is not fairly correct. 😁 Once you get receiving this error message you application seems completely "authorized", otherwise you would not be able get to here. 😉
Possible reasons can be non confirmed scope on authorization and as a result particular scope stay inactive, in spite it has been selected, or you are doing something, that expect admin access, but you skipped represent yourself as admin (or specific team member).
Post exact request that results in such error, at least (with masked access token). May be useful to gets clear if you have some scopes entry in your authorization request and if so, how it looks like.
- Greg-DB
1575475 As Здравко said, it would be helpful to see the actual request to troubleshoot this further. From your description though, are you trying to call /2/sharing/share_folder on the team folder itself, which you created using /2/team/team_folder/create? You don't need to "share" a team folder, since it is already "shared". (Team folders are essentially a type of shared folder.) You can use /2/sharing/add_folder_member to add members to it.
Hi Greg, hi Sdrawko,
thank you again for your input. In the meantime I've created a Postman script which also fails. Here're the details:
URL: https://api.dropboxapi.com/2/sharing/add_folder_member
Header parameters
The app token has been fetched a couple of minutes before and I've double checked my team member id. Since this id is used in various other calls it has to be ok.
JSON Body
{"custom_message":"Test","members":[{"access_level":"editor","member":{".tag":"email","email":"jan.buchholz@karon.de"}}],"quiet":true,"shared_folder_id":"3032413665"}(Output of list team folders, just to check that the folder id is correct)What I don't understand here is that the "team shared" flag is set to false. In ABAP space=false and "X"=true.Response with status 409 (conflict)
{"error_summary": "no_permission/..","error": {".tag": "no_permission"},"user_message": {"locale": "de","text": "Sie sind nicht berechtigt, diese Aktion durchzuführen."}}App permissionAfter rectifying the ominous popup issue, I think that the API I've created is in a "mature state" and doesn't contain any more errors.Any other calls (list folder, create folder, upload file, download file, delete file, get_metadata, list team members, list team namespaces, list team events, etc.) work flawlessly.Now, as even the Postman script fails, IMHO the problem must be somewhere else. But, I'm running out of clues 😞BTW, since I'm already member of the team folder, I'd expect some kind of error message, but not permission related at all.Best regards,Jan
1575475 wrote:...(Output of list team folders, just to check that the folder id is correct)What I don't understand here is that the "team shared" flag is set to false. In ABAP space=false and "X"=true....
There is not exactly "IS_TEAM_SHARED", so most probably your are referring to "is_team_shared_dropbox" (which means is this a team root or not 😉). In all cases it's a team folder.
There are different reasons (wide spread of such) that can lead to wrong result. Let's do one more step to clarifying. Execute something like following:
curl -X POST https://api.dropboxapi.com/2/sharing/get_folder_metadata \ --header 'Authorization: Bearer sl.BQAwolS9uZkZOnfZtpVoQIbNSX...' \
--header 'Dropbox-Api-Select-Admin: dbmid:AACAstOvwj3lJYBziCcpdksycjMM-...' \ --header 'Content-Type: application/json' \ --data '{"shared_folder_id":"3032413665","actions":[{".tag":"invite_editor"},{".tag":"invite_viewer"}]}'...or represent the same request as you like (is easier to you). Can you post the result? 🧐 There can be some clue.
About Dropbox API Support & Feedback
Find help with the Dropbox API from other developers.
