Get a folders public link using the dropbox API in Azure logic apps

Jeff B.63 It looks like you are supplying the "path" parameter as a URL parameter; it instead needs to be supplied in JSON in the request body. You can find more information in the documentation for the /2/sharing/create_shared_link_with_settings endpoint, as well as the documentation for the RPC format it uses.

You can also use the API v2 Explorer to see how the call should be constructed. For instance, click "Show Code" and select "View request as" "HTTP request".

By the way, your path value doesn't look like a valid Dropbox path. It looks like local Windows file path. I suggest reading the File Access Guide for information on interacting with files on the Dropbox API.

Yes, sorry, I accidentally used the local path when creating the post but I have been using the correct path in my testing.  

I have looked through the documentation as well as used the API Explorer.  

The code produced by it under HTTP is:

POST /2/sharing/create_shared_link_with_settings
Host: https://api.dropboxapi.com
User-Agent: api-explorer-client
Authorization: *sanitized*
Content-Type: application/json

{
    "path": "\\~ Pictures - All\\Share Link Testing\\1"
}

When I look at the JSON for the Query in the HTTP step, it is identical to what the Explorer is showing.

Jeff B.63 I see you have changed the parameter data to be JSON, but you still have it in the "Queries" section for your client. I can't offer support for your client itself, but it appears your client sends that as URL parameters. That JSON needs to be sent in the request body, so you probably need to put that in the "Body" section instead.

Also, the path value itself still doesn't look correct. It looks like you would want something like this:

"/~ Pictures - All/Share Link Testing/1"

Thank you for your help.  I was able to get it working finally.  I am just not sure which reply to mark as the answer.

My next quandary is keeping or refreshing the token so it doesn't expire.  Can you point me in the right direction?

Jeff B.63 Dropbox issues short-lived access tokens which expire after a few hours. Apps can get long-term access by requesting "offline" access, in which case the app receives a "refresh token" that can be used to retrieve new short-lived access tokens as needed, without further manual user intervention. Refresh tokens do not expire automatically and can be used repeatedly. You can find more information in the OAuth Guide and authorization documentation. There's a basic outline of processing this flow in this blog post which may serve as a useful example.

The example in the blog uses curl but I need HTTP.  I tried the online conversion tool from GitHub but it just gets syntax errors.  I have my AppKey and AppSecret but what is the authorization code and do I need a redirect URI since I want the response to come right back to the HTTP request?

I just tried the first step in your instructions and the browser returned an error "invalid client id".

Do I need to apply for production on the App or something?

---

Jeff B.63 wrote:

...

Do I need to apply for production on the App or something?

---

No. Probably mistake in copy/paste.

I just tried too and everything works. Make sure you copy your client ID correct - even one symbol messed and... you saw the result. 🙋

Thanks Здравко, It was because I left the brackets in.

Worked perfectly, Thank you.  do I now just use the refresh token as the access token in all of my http calls?

Authorization: Bearer <Refresh token>

---

Jeff B.63 wrote:

Worked perfectly, Thank you.  do I now just use the refresh token as the access token in all of my http calls?

Authorization: Bearer <Refresh token>

---

No, no, no,... definitely NO!

Refresh token doesn't replace access token, neither opposite! The refresh token is only used for refreshing (regenerating in fact) access token, nothing more. As I mentioned there (and as seems you skipped) in regular API calls valid access token (non expired - within the timespan as described) should be use. If needed (after currently used token expires), execute the last call in my description before next regular API call. 👆

Hope it's a bit more clear now.

Thank you for your help Здравко,  I read your other directions more clearly and it worked great. 

My next challenge was how to use the refresh token in my Logic App.  After an awful lot of searching, I was able to cobble something together.

For anyone else finding this thread, I will include that information for them below:

1.  I had to set up blob storage in Azure and set any flows to use a system managed identity with the role of "Storage Blob Data Reader".
2.  I then set up a new Logic App with a Recurrence Trigger set to 5 mins (or whatever you want) with the role of "Storage Blob Data Owner".
3. I added a file to the storage and use that same name throughout, say DBtoken.txt. 
4. I retrieve the blob metadata and use a condition to check if utcNow() > (LastModified timestamp + 4 hrs).
5. False does nothing
6. True then runs an HTTP action using the refresh token to get a new 4hr token:
7. Then I save the blob back into the storage using the same filename as before - DBtoken.txt
8. Now any Logic Apps I want to have access to the Dropbox API can do so by reading the blob and getting the current access token.  I'll describe that here:

1. Initialize a boolean variable called Token_Expiry 
2. Retrieve the blob data from the blob storage
3. Insert an Until function that runs until Token_Expiry is = to True
4. Add a Condition inside the Until that check if utcNow() <= (Last Modified + 4hrs)
5. False does nothing
6. True has three actions: get blob content, parse json of blob content and sets Token_Expiry to True
7. Finally, right after the Until, I initialize a variable to hold the current token and use it in the HTTP Dropbox API actions I have later in the flow.

Maybe there is a simpler way to do this but this is all I could figure out with my very limited knowledge.

Hi Jeff B.63,

Congratulations to you for your solution! 🙂 I believe your sharing will help many other people working on the same environment.

There are some imperfections though that push your solution to the border of stability. There is small but real chance some of your API calls to fail authentication! Of course in such a situation the details are important (something I don't know), but in all cases minimizing assumptions in the code is a good idea (they may play bad game 😈).

---

Jeff B.63 wrote:

...

    4. I retrieve the blob metadata and use a condition to check if utcNow() > (LastModified timestamp + 4 hrs).

...

---

When something is NOT guaranteed in any way better don't rely on! Yes, typically access token validity period is 4hr, but again typically NOT mandatory (may be less). I gave it just as example, nothing more. I mentioned in explicit way that validity is denoted in "expires_in" field. You're ignoring this value in favor of assumption! In addition it's good idea to "cut" 2, 3, or 5 mins out from validity period, cosa there are always some delays in token receiving, calculations, etc. - something that accumulates and can... make your check wrong (and you code tries work with just expired token in some cases).

---

Jeff B.63 wrote:

...

    7. Finally, right after the Until, I initialize a variable to hold the current token and use it in the HTTP Dropbox API actions I have later in the flow.

...

---

Hm...🤔 How long is this flow of actions? Is there any chance for your token expiration meantime? Important detail! It's good idea to check for token validity at the beginning of every API call, not at the beginning of flow of calls - just to make the things more secure. Even more in such a way you don't need additional trigger - the call, you're going to do, itself is a trigger. 😉

Good luck to you and all others interested.

Thank you for that input, I will work on that and revise the post.  I put the loop in place so that if there was delay in getting the new token the loop would continue until the token was available. But I understand your concerns and will add a reference to the validity period in the blob and use it in the condition instead of just 4 hour minus a few minus of course.