cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Want to know what we learned at IBC? Check out our learnings on media, remote working and more right here.

Dropbox API Support & Feedback

Find help with the Dropbox API from other developers.

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Clarification on support for OAuth 1

Clarification on support for OAuth 1

Mark R.5
Helpful | Level 5

It was recently announced that Dropbox API v2 would support OAuth 2 only.
Does this mean that existing apps which use OAuth 1 will stop working when API v2 is rolled out?

7 Replies 7

Steve M.
Dropbox Staff

No. Core API v1 will continue to work as-is.

Mark R.5
Helpful | Level 5

Thanks for the response. I wasn't sure whether they would run alongside each other or not, so good to know.

Svetlana I.1
New member | Level 1

Hi! Could you please confirm that Core API will continue to work with OAuth 1.0? A year has passed maybe something was changed, because v2 endpoints work only with OAuth 2.0. There is https://www.dropbox.com/developers-v1/core/docs#oa2-from-oa1 endpoint which provides a capability to work with v2 endpoints using OAuth 1.0 authorization flow. Can we be sure that after v1 endpoints are deprecated the OAuth 1.0 endpoints will work as before? Thanks in advance.

Greg-DB
Dropbox Staff

API v1, a.k.a. the Core API, supports both OAuth 1 and OAuth 2 and will continue to do so. Note that API v1 is already deprecated in favor of API v2.

API v2 only supports OAuth 2.

The /1/oauth2/token_from_oauth1 endpoint you mentioned allows you to get an OAuth 2 access token from an OAuth 1 access token. We recommend using that while API v1 is still enabled in order to migrate your existing users to API v2.

When you do migrate your app to API v2, you should also migrate to using the OAuth 2 app authorization flow itself in place of the OAuth 1 flow. 

Svetlana I.1
New member | Level 1

Thanks for the quick response! Just to be sure that we are on the same page. Our application uses https://www.dropbox.com/1/oauth/authorize endpoint as a first step in the authorization flow. In the migration guide is mentioned that /1/oauth2/authorize endpoint is migrated to /oauth2/authorize. Does it mean that https://www.dropbox.com/1/oauth/authorize request won't work after Sept, 28 when v1 will be deprecated? Thanks again for help!

Greg-DB
Dropbox Staff

Yes, the OAuth 1 authorization page at /1/oauth/authorize is only for API v1, and will be retired with API v1. You'll need to migrate to using the OAuth 2 authorization page at /oauth2/authorize.

(API v2 doesn't support OAuth 1, so the OAuth 1 page won't be useful once API v1 is retired anyway.)

 

Greg-DB
Dropbox Staff
To follow up here, if you do need to migrate OAuth 1 access tokens and want to do so via API v2, we now have an API v2 endpoint for doing so:

https://www.dropbox.com/developers/documentation/http/documentation#auth-token-from_oauth1
Need more support?
Who's talking

Top contributors to this post

  • User avatar
    Greg-DB Dropbox Staff
  • User avatar
    Svetlana I.1 New member | Level 1
  • User avatar
    Mark R.5 Helpful | Level 5
What do Dropbox user levels mean?