We are aware of the issue with the badge emails resending to everyone, we apologise for the inconvenience - learn more here.
Forum Discussion
dbx.auth not working / getAccessTokenFromCode giving 400 response?
I'm trying to access the `getAccessTokenFromCode` method and I keep receiving a 400 error. On top of that, I can't seem to write the code and get it to work in the way it's written in the Auth ex...
I'm not sure I follow your message, but you should specify it in both places. The /oauth2/authorize page redirect_uri parameter specifies where to send the user after they authorize the app, and the 'redirectUri' you pass to 'getAccessTokenFromCode' is just a string sent up in a /oauth2/token API call to verify that it matches.
Greg-DB
Dropbox Staff
Dropbox StaffFirst, can you clarify where/how you're attempting to run this? For instance, are you running this on a node backend, or browser frontend?
Also, can you share the full error/output you're getting? Whenever the API replies with a 400 it should include more error information along with it. It may help to print out the full error like 'console.log(err)' instead of just 'console.log(err.message)'.
Can you also double check that v9.2.0 was successfully installed? Perhaps it failed and you're still on an old version.
Hi Greg, It's on a node backend. Positive that i am on the latest version - I even aliased the npm package to make sure.
The full error is below. I just want to point out two things now that I see the error type - I have all of the redirect uri's listed correctly and accurately in the app console. I've tried it so many different ways and i keep getting the same error. I also am confused why when I go to authorize, dropbox doesnt allow me to choose which user I want to sign in as. It just prompts me to allow access as whoever I am currently signed into dropbox with (vs something like google API where I select which account I want to use) is this just a normal part of the auth flow?
name: 'DropboxResponseError',
status: 400,
headers: Headers {
[Symbol(map)]: [Object: null prototype] {
'content-security-policy': [Array],
'content-type': [Array],
date: [Array],
server: [Array],
'content-encoding': [Array],
vary: [Array],
'x-dropbox-response-origin': [Array],
'x-dropbox-request-id': [Array],
connection: [Array],
'transfer-encoding': [Array]
}
},
error: {
error_description: 'redirect_uri mismatch',
error: 'invalid_grant'
}
}
- Greg-DB
Thanks! So the error message in this case is "redirect_uri mismatch", which indicates that the 'redirectUri' you're passing to 'getAccessTokenFromCode' doesn't match the redirect_uri value on the /oauth2/authorize URL used to retrieved the authorization code. It needs to either be omitted in both places, or otherwise match exactly.
Can you share the 'redirectUri' value you're using, as well as the /oauth2/authorize URL?
Also, regarding your other question, if you have "linked accounts" you'll be prompted to choose which to connect to the app. Otherwise, you can use the "Sign out" link in the account dropdown on the app authorization page to sign out of the current account and then sign in to another to authorize the app there.
Thanks Greg. By making them the same redirect uri I got it working. My worry is /was that the current redirect uri is another endpoint that creates a session and stores information in the DB. By setting that redirect URI in both places I was worried that that endpoint would get called twice and create duplicates or show up as `null` in the second call. Does that make sense?
- Greg-DB
I'm not sure I follow your message, but you should specify it in both places. The /oauth2/authorize page redirect_uri parameter specifies where to send the user after they authorize the app, and the 'redirectUri' you pass to 'getAccessTokenFromCode' is just a string sent up in a /oauth2/token API call to verify that it matches.
hi Greg-DB - me again.. for some reason i am not actually able to see the "linked account" screen. to switch users, or to even authorize the app. when i go through the auth flow i am just automatically redirected and authorized. unless i sign out of dropbox in a different window. is there someting in the code i need to update here?
static async getAuthUrl(state: string😞 Promise<string> {const dbx = newOAuthInstance();const res = await dbx.getAuthenticationUrl(REDIRECT_URI,state,'code','offline',);return res.toString();}- Greg-DB
If you're signed in to an account that has already authorized the app, you may not be explicitly asked to authorize it again, and may instead just be redirected through the flow automatically. Check out the 'force_reapprove' parameter on /oauth2/authorize.
About Dropbox API Support & Feedback
Find help with the Dropbox API from other developers.
