One month down in 2025: How are your resolutions coming along? Check out how to get back on track here.
Forum Discussion
someoneknew
5 years agoNew member | Level 2
Re: Bad request (400) if made in my server
Hey! I am getting the same error when I try to get token through "https://api.dropboxapi.com/oauth2/token". It works in postman but when I try to access this route with header and request body with my node js website, it throws that error. I am not using Dropbox SDK for node. I am trying to replicate/learn from "nodegallerytutorial" posted on git, and in there I found this coode:
//Exchange code for token if(req.query.code ){ let options={ url: config.DBX_API_DOMAIN + config.DBX_TOKEN_PATH, //build query string qs: {'code': req.query.code, 'grant_type': 'authorization_code', 'client_id': config.DBX_APP_KEY, 'client_secret':config.DBX_APP_SECRET, 'redirect_uri':config.OAUTH_REDIRECT_URL}, method: 'POST', json: true } try{ let response = await rp(options); //we will replace later cache with a proper storage //mycache.set("aTempTokenKey", response.access_token, 3600); await regenerateSessionAsync(req); req.session.token = response.access_token; res.redirect("/"); }catch(error){ return next(new Error('error getting token. '+error.message)); } } }
promise-request is deprecated now, so I tired using node-fetch and axios. Here is code that I am using for the same path (the callback path I mentioned in my dropbox console).
// here the version of the code that I used with axios app.get("/callback", async (req,res)=>{ try { const body = { grant_type: "authorization_code", code: req.query.code, redirect_uri: "http://localhost:3000/callback", client_id: client_id, client_secret: client_id, json:true }; const response = axios.post("https://api.dropboxapi.com/oauth2/token", body); console.log({response}); res.send({response}); } catch(err) { res.send({error: err}); } }); // below is the code for node-fetch that I used app.get("/callback", (req,res)=>{ const body = { grant_type: "authorization_code", code: req.query.code, redirect_uri: "http://localhost:3000/callback", client_id: client_id, client_secret: client_secret }; node_fetch("https://api.dropboxapi.com/oauth2/token", { method:'POST', body }).then((response)=> response.json()).then((jsonObj)=>{ res.send({response:jsonObj}); }).catch((err)=>{ res.send({err}); }); });
Here is the error. Please note that everything works fine when I use psotman.
- kylea
Dropbox Staff
[Cross-linking for reference: https://stackoverflow.com/questions/66144019/dropbox-400-error-while-trying-to-get-token-auth ]
The Dropbox API will return a more specific error message in the response body; print the full response body to see the cause.
Typically, an HTTP status 400 suggests that the body of the request is malformed - but the more specific message will help diagnose this.
- someoneknewNew member | Level 2
Here is the full error:
- Greg-DB
Dropbox Staff
someoneknew Thanks for the additional information. This screenshot doesn't seem to show the actual response body from the Dropbox API though. The "400" is just the status code of the response from the Dropbox API, but the response would also contain a body, which isn't being shown here. You may need to check the documentation for the client you're using to see how you can print out the response body as well.
(In any case, it looks like you're sending the parameters as JSON, but the parameters for /oauth2/token should be sent as application/x-www-form-urlencoded POST parameters, not JSON.)
About Dropbox API Support & Feedback
Find help with the Dropbox API from other developers.5,945 PostsLatest Activity: 8 hours ago
If you need more help you can view your support options (expected response time for an email or ticket is 24 hours), or contact us on X or Facebook.
For more info on available support options for your Dropbox plan, see this article.
If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!