One month down in 2025: How are your resolutions coming along? Check out how to get back on track here.
Forum Discussion
blink
8 years agoExplorer | Level 3
GET /1/oauth/request_token return 400 error
when I use the API to get token. The dropbox server return 400 error.
The request : GET /1/oauth/request_token HTTP/1.1
The response: HTTP/1.1 400 Bad Request
< Server: nginx
< Date: Fri, 29 Sep 2017 07:01:25 GMT
< Content-Type: application/json
< Transfer-Encoding: chunked
< Connection: keep-alive
< X-Dropbox-Request-Id: 60ddb4f73f25ea5afbf18d538654ef61
< X-Frame-Options: DENY
< Content-Security-Policy: sandbox; frame-ancestors 'none'
< X-Content-Type-Options: nosniff
< Content-Disposition: attachment; filename='error'
Is the oauth 1 expired ?
The API doc said : (https://www.dropbox.com/developers-v1/core/docs)
OAuth 1.0 continues to be supported for all API requests, but OAuth 2.0 is now preferred. Find out more in our OAuth guide
so, I don't know why. last week the process is ok .
- Greg-DB
Dropbox Staff
Yes, as announced last year, API v1 has been retired. You can find more information in the blog post here:
https://blogs.dropbox.com/developers/2016/06/api-v1-deprecated/
We notified developers by email, but it sounds like those emails unfortunately did not make it to you.
OAuth 1 was only used by API v1, so it has been retired along with API v1.
Now that API v1 has been retired, further API calls to it will fail. (There is a notice about the general API v1 deprecation at the top of the API v1 documentation.)
You should migrate your app to API v2 instead:
https://www.dropbox.com/developers
API v2 uses OAuth 2, which is documented here:
https://www.dropbox.com/developers/documentation/http/documentation#authorization
If you need more time to migrate your app to API v2, we can offer an extension for access to API v1. To request that, please open an API ticket with the relevant app key(s):
- blinkExplorer | Level 3
Thanks for your reply!
we use V1 oauth , and use API V2 to upload files. this model is ok. The user input dropbox username and password to get Authorization. then we send the URL to the user email. the user open the URL and Authorization. can we use V2 oauth to achieve this model ?
Thanks.
- Greg-DB
Dropbox Staff
blink For reference, your app should never be directly handling the user's username and password. The user should only ever put those in to the Dropbox web site, e.g., when logging in to the Dropbox web site during the OAuth app authorization flow to authorize the API app. This applies to both API v1 and API v2.
For API v2, which only supports OAuth 2, you should migrate to using OAuth 2 entirely, not OAuth 1. (If you have any remaining OAuth 1 access tokens you need to migrate to OAuth 2 for use with API v2, you should use /2/auth/token/from_oauth1 which is an API v2 endpoint and will continue to work.)
You can find the OAuth 2 documentation here:
https://www.dropbox.com/developers/documentation/http/documentation#authorization
The Dropbox OAuth 2 implementation supports the "token" and "code" flows, which unfortunately don't work as well with the technique of emailing the authorization link to the user to have them authorize the app on another device. This is because the "token" flow requires a redirect URI, and the "code" flow, when used without a redirect URI, requires the user to manually transfer the authorization code somehow, as pcworld mentioned.
If that doesn't work for your app, e.g., if it doesn't have a browser at all, open an API ticket with details about your app and use case and we'll see if there's something we can do to help.
- blinkExplorer | Level 3
PS: we use oauth v1 to get token. the api :
https://api.dropbox.com/1/oauth/request_token
https://api.dropbox.com/1/oauth/access_token
https://api.dropboxapi.com/1/oauth2/token_from_oauth1
https://www.dropbox.com/1/oauth/authorize?oauth_token=
The user only input dropbox username and password. we will send the Authentication URL to the user email by our device. (our device have no browse). the user open the URL by phone or pc to Authorization our app to access their dropbox.
How can we use oauth 2 to achieve this function . many thanks.
- pcworldExplorer | Level 3I'm in a similar situation. I'm the developer of an app on a platform (webOS) where the Dropbox login page is broken in the native browser. With OAuth 1 I solved this by having the user open the authorization URL on another device, where they only needed to approve the authorization request and the app would start working afterwards.
With OAuth 2 the user needs to additionally transfer the auth token back to the webOS device, which makes it even more complicated for the user. I don't think there's an easier solution with OAuth 2 though.
About Dropbox API Support & Feedback
Find help with the Dropbox API from other developers.5,945 PostsLatest Activity: 10 minutes ago
If you need more help you can view your support options (expected response time for an email or ticket is 24 hours), or contact us on X or Facebook.
For more info on available support options for your Dropbox plan, see this article.
If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!