The Core API v1-to-v2 migration: a full rewrite, not an upgrade
2015–2017
Dropbox's move from the v1 Core API to API v2 was not a drop-in upgrade: error handling, authentication, permissions, and request formats all changed, forcing developers to rewrite integrations before v1 was switched off in 2017.
What happened
Alongside deprecating the Sync and Datastore APIs, Dropbox introduced API v2 and pushed developers off the original v1 Core API. The two versions were not compatible. In v1 each endpoint-specific error was mapped onto a distinct HTTP status code; in v2, endpoint errors were collapsed into a single HTTP 409 response with structured details in the body — so error-handling code had to be reworked. Apps using OAuth 1 access tokens had to convert them to OAuth 2 tokens through a dedicated endpoint, the legacy 'File Type' permission was no longer supported and required re-authorization, and team-access apps had to switch custom HTTP headers (from X-Dropbox-Perform-As-Team-Member to Dropbox-API-Select-User).
Dropbox published a v1-to-v2 migration guide mapping old functionality to new equivalents, but for many integrations the change amounted to a rewrite rather than a version bump. (The final shutdown of the v1 endpoints in 2017 is covered separately under the existing api-v1-shutdown-2017 entry; this entry concerns the breaking nature of the v1→v2 transition itself.)
Impact
The redesign improved consistency and security in the long run, but in the short run it imposed real cost on every team with a Dropbox integration and contributed to the perception that Dropbox's platform was high-maintenance. Combined with the Sync/Datastore retirement happening at the same time, 2015–2017 became a period of near-continuous forced migration for Dropbox developers.