cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Want to learn some quick and useful tips to make your day easier? Check out how Calvin uses Replay to get feedback from other teams at Dropbox here.

Dropbox API Support & Feedback

Find help with the Dropbox API from other developers.

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Mismatched redirect URI

Mismatched redirect URI

FrustratedUser3
Collaborator | Level 8
Go to solution

I am using the following link to generate an authorization code for the code flow process:

 

https://www.dropbox.com/oauth2/authorize?client_id=CLIENT_ID&response_type=code&token_access_type=offline&redirect_uri=https://dev.crm.DOMAIN.com/api/v1/Dropbox/Oauth2

 

I replaced the client ID and domain due to privacy. The process works as expected without the redirect URI. In addition, I can successfully generate an access token using Postman by connecting to my API through the redirect URI with the code as one of the parameters, which validates my API's behavior.

 

After granting access to the app, here is what is shown in the browser's address bar:

 

 

https://dev.crm.DOMAIN.com/api/v1/Dropbox/Oauth2?code=EIk...vr0

 

 

 

Here is what my API receives:

 

[2023-02-19 16:32:44] DEBUG:  [{"code":"EIk...vr0"}] []

 

 

Using the code, I create a request as follows:

 

  private function generateAccessToken($code) {
    $data = array(
      "client_id=<CLIENT_ID>",
      "client_secret=<CLIENT_SECRET>",
      "grant_type=authorization_code",
      "code={$code}",
    );

    $data = implode("&", $data);
    $headers = array('Content-Type: application/x-www-form-urlencoded');
    $url = "https://api.dropboxapi.com/oauth2/token";

    $response = $this->curl->post($url, $headers, $data);
    if($response["code"] != 200) {
      $GLOBALS["log"]->error("access token error", $response);
      throw new Error("Error while retrieving access token");
    }

    return $response["data"];
  }

 

 

Here is the response:

 

 

[2023-02-19 16:30:13] ERROR: access token error {400, "error":"invalid_grant", "error_description":"redirect_uri mismatch"}

 

 

 

Here is what is registered in the Dropbox app console:

FrustratedUser3_2-1676825015874.png

 

I can't figure out what the problem is.

1 Accepted Solution

Accepted Solutions

Здравко
Legendary | Level 20
Go to solution

@FrustratedUser3, When you use redirect URI to receive a code, you have to use the same URI as a parameter in the call to /oauth2/token (the 'redirect_uri' parameter). 🙂 In spite this parameter is optional in general, it becomes mandatory with code received through redirect URI and the value should match this URI. As can be seen, it's skipped in your code. 😉 That's where your issue comes from. Here "mismatch" probably means empty/missing doesn't match to the actual.

Good luck.

View solution in original post

2 Replies 2

Здравко
Legendary | Level 20
Go to solution

@FrustratedUser3, When you use redirect URI to receive a code, you have to use the same URI as a parameter in the call to /oauth2/token (the 'redirect_uri' parameter). 🙂 In spite this parameter is optional in general, it becomes mandatory with code received through redirect URI and the value should match this URI. As can be seen, it's skipped in your code. 😉 That's where your issue comes from. Here "mismatch" probably means empty/missing doesn't match to the actual.

Good luck.

FrustratedUser3
Collaborator | Level 8
Go to solution

The oauth2 guide does not make that clear, but you're right. I added redirect_uri to the parameters as follows:

 

if(isset($code)) {
  $data[] = "grant_type=authorization_code";
  $data[] = "code={$code}";
  $data[] = "redirect_uri={$this->cfg->get("siteUrl")}/api/v1/Dropbox/Oauth2";
} else {
  $data[] = "grant_type=refresh_token";
  $data[] = "refresh_token={$this->cfg->get("dropboxRefreshToken")}";
}

It works. Thanks.

 

For anyone else who gets stuck on this, here is the relevant documentation:

FrustratedUser3_0-1676826888781.png

 

Need more support?
Who's talking

Top contributors to this post

  • User avatar
    FrustratedUser3 Collaborator | Level 8
  • User avatar
    Здравко Legendary | Level 20
What do Dropbox user levels mean?