Forum Discussion

SneYellow46's avatar
SneYellow46
Explorer | Level 4
4 years ago

Getting refreshed access token from Generated access tokem

Hi, I have an iOS objective c application connected with dropbox SDK.   We are using generated access token to access apps folder from my BD account.       client = [[DBUserClient allo...
API
Здравко's avatar
Здравко
Legendary | Level 20
4 years ago
SneYellow46 wrote:

...

Note that we need to use the generated access token approach other than oAuth flow. 

...

Hi SneYellow46,

You can't use generated access token for long term access. All access tokens are short lived (including generated). You may retrieve refresh token in separate application (so one OAuth flow has to be performed once, at least) and after that embed this token and reuse it. Such an approach is suitable for server side use only! Be careful. Usage of any long term embedded token is NOT good idea for client side application.

Hope this helps.

  • SneYellow46's avatar
    SneYellow46
    Explorer | Level 4
    4 years ago

    Hi,

    Thanks for the reply Здравко .

    Do you mean we have to make oAuth flow from my application once and get access token and use it later do distribute to other users to grant access?

    Or how could this work in my mobile application?

     

    • Здравко's avatar
      Здравко
      Legendary | Level 20
      4 years ago
      SneYellow46 wrote:

      ...

      Do you mean we have to make oAuth flow from my application once and get access token and use it later do distribute to other users to grant access?

      ...

      No, no, no... You said that you need generated access token. That was related to this - nothing more!!! I said, such a solution is suitable for server side application only (in the same context).

       

      SneYellow46 wrote:

      ...

      Or how could this work in my mobile application?

      On mobile application on every install you should perform OAuth flow and keep the refresh token (at least). Once authentication info is available you can just create a client object and use it... That's it.

      • SneYellow46's avatar
        SneYellow46
        Explorer | Level 4
        4 years ago

        Oh okay Здравко .

        Yes that is the issue, the data resides on our dropbox and we dont want to give users access to our dropbox credentials that is why don't want to use oAuth flow.

        We had done this few years back, that time DB project had option to make Generated access token Long-lived/No Expiration time. That options isn't available anymore.

About Dropbox API Support & Feedback

Node avatar for Dropbox API Support & Feedback
Find help with the Dropbox API from other developers.

The Dropbox Community team is active from Monday to Friday. We try to respond to you as soon as we can, usually within 2 hours.

If you need more help you can view your support options (expected response time for an email or ticket is 24 hours), or contact us on X, Facebook or Instagram.

For more info on available support options for your Dropbox plan, see this article.

If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!