Re: why do I get {"error": "Invalid OAuth2 token."}

Conners · ‎07-08-2022

I followed this article

https://dropbox.tech/developers/generate-an-access-token-for-your-own-account

but when I do this

curl https://api.dropbox.com/1/account/info -H "Authorization:Bearer sl.BLDmzx7xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxsomethinginherexxxxx"

I get this

{"error": "Invalid OAuth2 token."}

what am I doing wrong?

Здравко · ‎07-08-2022

@Conners wrote:
...
what am I doing wrong?

Hi @Conners,

The only wrong thing you are doing is following the outdated article. "long lived token" can't get issued anymore. Newly issued access tokens are always short lived. 🤷 That's it.

If you want long term access you can consider refresh token usage. 😉

Hope this helps.

Add: why don't you use /2/users/get_current_account instead?

Conners · ‎07-08-2022

hi, thanks for the reply, i am more than happy to get short life tokens but I cannot find any refernce material out there, why is that?

edit: I see your link is information on an alternate call however when I call it I get

Error in call to API function "sharing/add_folder_member": Your API app is an "App Folder" app. It is not allowed to access this API function

however at the permissions level I already have everything ticked

Conners · ‎07-08-2022

PS: I am actually using in PHP this

$client = new \Spatie\Dropbox\Client();

this documentation doesn't really seem to talk about an example of short life tokens, just talks that there is an object (but no example) so it's all but useless to new users: but it was last updated only a few days ago. Whole situation seems very strange

Здравко · ‎07-08-2022

You can take a look on Dropbox API v2 documentation for available access points and their use in curl. For guide how you can use long term account access using API look on here.

Add: You can't share anything when your restricted your application in an application specific folder. If you need to manage users sharing, you have to recreate the application with proper access type (it's not a matter of preferences and you can't do it there).

Greg-DB · ‎07-08-2022

@Conners The blog post you referred to is very old and now out of date. As Здравко noted, you should now use /2/users/get_current_account instead of /1/account/info. And as they said, app's with the app folder access type cannot use shared folder functionality, such as /2/sharing/add_folder_member. You would need to register another app with "full Dropbox" access if you need to use that.

And as you found, Dropbox is in the process of switching to only issuing short-lived access tokens (and optional refresh tokens) instead of long-lived access tokens. You can find more information on this migration here.

Apps can still get long-term access by requesting "offline" access though, in which case the app receives a "refresh token" that can be used to retrieve new short-lived access tokens as needed, without further manual user intervention. You can find more information in the OAuth Guide and authorization documentation.

For reference, while the creation of new long-lived access tokens is now deprecated, we don't currently have a plan to disable existing long-lived access tokens. (If that changes, we will of course announce that ahead of time.) That being the case, you can continue using existing long-lived access token(s) without interruption, if you have any. Also, note though that after the change you won't be able to create new long-lived access tokens.

While the change began on September 30th 2021, we released it gradually, so you may not have seen your app(s) affected until more recently. Once it applies to your app, it would apply regardless of the "Access token expiration" setting for your app, and that setting may no longer be available for your app.

Finally, the library you linked to is not made by Dropbox, so we cannot offer support for the library itself, or guarantee that it is up to date with the latest functionality, such as for short-lived access tokens/refresh tokens.