While some types of 4xx errors will occasionally occur as users interact with content, very high rates of errors relative to success may signal issues with your application.Īll Dropbox API calls (whether successful or 4xx) return an X-Dropbox-Request-Id HTTP header in their responses. Using these SDKs will help prevent bad requests. These SDKs all use the same underlying HTTP calls, but provider helper classes for input and error handling. When possible, use official Dropbox SDK’s when writing your applications. Visit or contact API support if you see this for an extended period of time.įor apps performing background operations, this error case should not be rapidly re-tried - use exponential backoff. In general, the causes for 500 errors are expected to be brief. Internal server errors are undefined errors on the Dropbox side. Seeing high rates of 429’s suggests your app should use batch endpoints and optimize for performance. If a Retry-After header is not returned, your app should pause briefly before retrying, ideally using an exponential backoff. Rate limit responses from the Dropbox API may include a Retry-After header, indicating how long your app should wait (in seconds) before retrying. This is likely due to multiple threads/instances from your app writing to the same space, but on occasion may be due to user behavior outside your app. There are too many simultaneous writes to the same namespace in parallel.Your application is making too many API calls in a short period of time, and is experiencing a rate limit from the Dropbox API.If your application needs to detect changes that occur within folders, refer to our Detecting Changes Guide. Remember - users may move and delete content, or change the permissions of shared folder at any time through the Dropbox UI - so be sure to test against this behavior. One of the more common causes for many of these categories of errors is path_not_found.
409 - Conflict (Endpoint Specific Error)Įndpoint specific errors can have a variety of different causes - refer to the specific endpoint’s documentation to see error cases and how to handle them. An exponential backoff - pausing longer after each failure - is recommended. This category of error is more likely (but not guaranteed) to have a user_message to relay.įor apps performing background operations, this error case should not be rapidly re-tried. For example, Dropbox Business accounts may have monthly limits on upload calls - and exceeding them for the month will result in some calls returning 403’s.Ī call that results in 403 may succeed on retry, but only after corresponding action on the account. This may also be due to some classes of pauses and limits on accounts. Functionality that is specific to paid Dropbox plans can be introspected with the /features/get_values API call. This may be due to a change in the users Dropbox plan. 403 - ForbiddenĪ 403 indicates that the user or team does not have access to the corresponding call. For more information, see our OAuth guide. If your application experiences a 401, it should prompt that user to re-authenticate. With the exception of suspension, retrying a 401 will not succeed. Note that Dropbox users may revoke API authorizations (as described here) - so this error may suggest the end user unlinking the app in Dropbox (but not uninstalling your app or unlinking through it). These may also be due to temporary suspension, such as an administrator suspending a member within a Dropbox business team. These errors are due to the bearer token of the associated request being invalid, expired, or lacking sufficient permission to perform the associated API call.
Responses with 400 error code indicate an issue with the request itself, and thus will not be resolved by retrying them. For example, a Business application with Team Member Management attempting to use an endpoint requiring Team Auditing permission. These errors may also occur from attempting to access an endpoint unavailable to a given app type. Neglecting to sanitize input from end users, for example, would result in this. A common cause of this is malformed JSON request bodies, or JSON that does not conform to input fields and validation.