Need to see if your shared folder is taking up space on your dropbox 👨💻? Find out how to check here.
Forum Discussion
Solved
dropbox.exceptions.AuthError: expired access token
When I run an app I developed, I get an error.
dropbox.exceptions.AuthError: AuthError('89ade68e26bd49d592d01bfbfae5659b', AuthError('expired_access_token', None))
What could be wrong with my OAuth code?
def oauth_flow():
return DropboxOAuth2Flow(
APP_KEY,
'https://dropbox-notifications.herokuapp.com/oauth-callback',
session,
'dropbox-auth-csrf-token',
APP_SECRET
)
@app.route('/oauth-callback')
def oauth_callback():
auth_result = oauth_flow().finish(request.args)
access_token = auth_result.access_token
account = auth_result.account_id
redis_client.hset('tokens', account, access_token)
process_user(account)
return redirect(url_for('done'))
@app.route('/login')
def login():
return redirect(oauth_flow().start())
Thank you
That's correct, Dropbox is in the process of switching to only issuing short-lived access tokens (and optional refresh tokens) instead of long-lived access tokens. You can find more information on this migration here.
Apps can still get long-term access by requesting "offline" access though, in which case the app receives a "refresh token" that can be used to retrieve new short-lived access tokens as needed, without further manual user intervention. You can find more information in the OAuth Guide and authorization documentation.
For reference, while the creation of new long-lived access tokens is now deprecated, we don't currently have a plan to disable existing long-lived access tokens. (If that changes, we will of course announce that ahead of time.) That being the case, you can continue using existing long-lived access token(s) without interruption, if you have any. Also, note though that after the change you won't be able to create new long-lived access tokens.
While the change began on September 30th 2021, we're releasing it gradually, so you may not have seen your app(s) affected until now. Once it applies to your app, it would apply regardless of the "Access token expiration" setting for your app, and that setting may no longer be available for your app.You can find an example of getting and setting the refresh token with the Dropbox API v2 Python SDK here.
13 Replies
Replies have been turned off for this discussion
Hi marksmithhfx,
Generation of long lived access token has been dropped already, despite of available (generated before) can be used still. Yes, some documentation isn't very clear unfortunately. 🤷 Maybe the are not updated yet.
Usage of refresh token can be used to achieve the same user experience - it doesn't expire. 😉 That's it. When you read something about long lived access token, think of it as a history (mostly). 🙂
Hope this helps.
tahsiniDropbox Staff
Johnson9070 wrote:
Hi Greg,
Does this mean that the user gets the logon window to authorize each time ?
Cheers , John
The user will see the login window to authorize just once.
Johnson9070 wrote:
Hi ,
I'm relatively new at python.
At the moment i log on like this:
def Dropbox_logon(self):
self.dbx = dropbox.Dropbox(self.token)
x = self.dbx.users_get_current_account()
print('Logon ok')I'm a bit lost how to write this with the auth flow.
You can see an example of OAuth flows written using our Python SDKs here, and here.
- tahsini
Dropbox is in the process of switching to only issuing short-lived access tokens (and optional refresh tokens) instead of long-lived access tokens. While the change began on September 30th 2021, we're releasing it gradually, so some users may not have seen app(s) affected until now and the option is available in their app console.
Apps can still get long-term access by requesting "offline" access though, in which case the app receives a "refresh token" that can be used to retrieve new short-lived access tokens as needed, without further manual user intervention. You can find more information in the OAuth Guide and authorization documentation.
About Dropbox API Support & Feedback
Find help with the Dropbox API from other developers.
