OAuth 2.0 Request, request "state" 512 chars or longer

jeff00coder · ‎11-30-2018

I wish to add to an OAuth 2.0 request a value to query string parameter "state=", specifically an RSA encoded JWT that is 512 characters long.

However, Dropbox https://www.dropbox.com/oauth2/authorize is returning an error:

Error (400) "state": must be at most 500 characters, got 511.

I am not getting this error with other online file storage providers, for example, not with either Google Drive nor with Box.

Is there a way to extend the value of "state" to be longer?

Thank you, much appreciated.

Greg-DB · ‎11-30-2018

No, unfortunately our /oauth2/authorize implementation only allows a 'state' value of up to 500 bytes, and there isn't a way to configure a larger limit. I'll send this along as a feature request, but I can't make any promises as to if/when that would be increased.

View solution in original post

Greg-DB · ‎11-30-2018

No, unfortunately our /oauth2/authorize implementation only allows a 'state' value of up to 500 bytes, and there isn't a way to configure a larger limit. I'll send this along as a feature request, but I can't make any promises as to if/when that would be increased.

OAuth 2.0 Request, request "state" 512 chars or longer

OAuth 2.0 Request, request "state" 512 chars or longer

Re: OAuth 2.0 Request, request "state" 512 chars or longer

Re: OAuth 2.0 Request, request "state" 512 chars or longer

Work Smarter with Dropbox

Top contributors to this post