Forum Discussion

devid13's avatar
devid13
Explorer | Level 4
5 years ago

How to get Access Token for background process without any user integractions?

Hi Team,  We are doing dropbox integration to upload files from salesforce to dropbox. To do this we are doing background processing and to get access token we always use "Long-lived" from the ...
API
Greg-DB's avatar
Greg-DB
Icon for Dropbox Community Moderator rankDropbox Community Moderator
5 years ago

Getting an access token always requires some sort of user interaction initially, either via the "Generate" button on the app's page on the App Console (when just getting an access token for the app owner's account), or via the OAuth app authorization flow (which can be used for any arbitrary user, not just the app owner).

 

In either case, once the access token is retrieved, the app can store and re-use it without further manual user interaction.

 

Long-lived access tokens don't expire, so they can be stored and re-used indefinitely (unless/until revoked). Short-lived access tokens expire after four hours though.

 

With the new system of short-lived access tokens and optional refresh tokens, in order to maintain long-term access without further manual user interaction, the app would need to request "offline" access, to get and store a refresh token, in addition to the short-lived access token. A refresh token allows the app to retrieve new short-lived access tokens on demand, whenever needed, without further manual user interaction. The "Generate" button does not currently offer the ability to retrieve refresh tokens, so you'd need to use and implement the OAuth flow in order to get that. You can find information on how that works in the OAuth Guide and authorization documentation. This blog post may also be helpful if you haven't already seen it.

  • DuraUser's avatar
    DuraUser
    New member | Level 2
    5 years ago

    Hi Greg/Team,

     

    In your response you mentioned that we can use refresh token to get short lived access tokens without further manual interaction. How long can we keep using the refresh token. Is there a time limit on when Refresh token also expires?

     

    "With the new system of short-lived access tokens and optional refresh tokens, in order to maintain long-term access without further manual user interaction, the app would need to request "offline" access, to get and store a refresh token, in addition to the short-lived access token"

    • Greg-DB's avatar
      Greg-DB
      Icon for Dropbox Community Moderator rankDropbox Community Moderator
      5 years ago

      DuraUser Dropbox refresh tokens don't expire automatically, but they can be revoked by the app or user on demand.

About Dropbox API Support & Feedback

Node avatar for Dropbox API Support & Feedback
Find help with the Dropbox API from other developers.

The Dropbox Community team is active from Monday to Friday. We try to respond to you as soon as we can, usually within 2 hours.

If you need more help you can view your support options (expected response time for an email or ticket is 24 hours), or contact us on X, Facebook or Instagram.

For more info on available support options for your Dropbox plan, see this article.

If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!