Can anyone show me an example how to use the javascript api to revoke and then let the user re-link to Dropbox?

It sounds like you're referring to still being signed in to the Dropbox web site (www.dropbox.com) itself in the browser. This is unrelated to the API/access token.To sign out of the web site, the user can do so themselves via the "Sign out" link, or the app can direct them to https://www.dropbox.com/logout .

To revoke an access token using the JavaScript SDK, you should use authTokenRevoke:https://dropbox.github.io/dropbox-sdk-js/Dropbox.html#authTokenRevoke__anchorThen, you can just throw away the old access token and start the app authorization flow over if/when necessary, e.g.,:https://github.com/dropbox/dropbox-sdk-js/blob/master/examples/javascript/auth/index.html#L88

Hi Greg.I will be very pleased if you can provide a working example of the revoke process.The authenticate works fine using this code: var DROPBOX_APP_KEY = 'mydropboxappkey'; var dbx = new Dropbox({clientId:DROPBOX_APP_KEY}); dbx.authenticateWithCordova( function(accessToken) { //user is logged in }); but I can't get the revoke process work.Maybe I just don't understand the basic use of the api.I think there is a lack of real life code snippets.I have tried something likedbx.authTokenRevoke(arg). I don't understand what "arg" should be.Should it be a function?Cheers Erik

I think this works, right! var DROPBOX_APP_KEY = 'mydropboxappkey'; var dbx = new Dropbox({clientId:DROPBOX_APP_KEY}); dbx.authTokenRevoke( function() { }); But then I am still logged in until I restart my app.Anything I can do to re-link without restarting my app?

How to relink a user (revoke) using the javascript api.

14 Replies

Replies have been turned off for this discussion

Greg-DB
Dropbox Community Moderator
8 years ago
To revoke an access token using the JavaScript SDK, you should use authTokenRevoke:

https://dropbox.github.io/dropbox-sdk-js/Dropbox.html#authTokenRevoke__anchor

Then, you can just throw away the old access token and start the app authorization flow over if/when necessary, e.g.,:

https://github.com/dropbox/dropbox-sdk-js/blob/master/examples/javascript/auth/index.html#L88
Mixware
Explorer | Level 3
8 years ago
Hi Greg.

I will be very pleased if you can provide a working example of the revoke process.

The authenticate works fine using this code:

var DROPBOX_APP_KEY = 'mydropboxappkey';
    var dbx = new Dropbox({clientId:DROPBOX_APP_KEY});
    dbx.authenticateWithCordova(
    function(accessToken)
    {
   //user is logged in
    });

but I can't get the revoke process work.
Maybe I just don't understand the basic use of the api.
I think there is a lack of real life code snippets.

I have tried something like

dbx.authTokenRevoke(arg).

I don't understand what "arg" should be.
Should it be a function?

Cheers Erik

Greg-DB

Dropbox Community Moderator

8 years ago

Here's an example of how this would work:

var dbx = new Dropbox({ accessToken: 'ACCESS_TOKEN_HERE' });

dbx.authTokenRevoke()
    .then(function(response) {
        // the access token for `dbx` has been revoked
        console.log("got authTokenRevoke response:");
        console.log(response);

        // this should fail now:
        dbx.usersGetCurrentAccount()
          .then(function(response) {
            console.log("got usersGetCurrentAccount response:");
            console.log(response);
          })
          .catch(function(error) {
            console.log("got usersGetCurrentAccount error:");
            console.log(error);
          });

    })
    .catch(function(error) {
      console.log("got authTokenRevoke error:");
      console.log(error);
    });

Mixware
Explorer | Level 3
8 years ago
   I think this works, right!

   var DROPBOX_APP_KEY = 'mydropboxappkey';
    var dbx = new Dropbox({clientId:DROPBOX_APP_KEY});
    dbx.authTokenRevoke(
    function()
    {

    });

But then I am still logged in until I restart my app.
Anything I can do to re-link without restarting my app?
Mixware
Explorer | Level 3
8 years ago
Okay. I did not see your latest reply befor I posted my last one.
I will study that!
Mixware
Explorer | Level 3
8 years ago
Ok. I can get the revoke working by using your code. But I have to restart my app to get the Dropbox login dialog.
If I run authenticateWithCordova right after revoke, I'm just logged in again without the need of writing my username and password.
Anything to do?
Greg-DB
Dropbox Community Moderator
8 years ago
It sounds like you're referring to still being signed in to the Dropbox web site (www.dropbox.com) itself in the browser. This is unrelated to the API/access token.

To sign out of the web site, the user can do so themselves via the "Sign out" link, or the app can direct them to https://www.dropbox.com/logout .
Mixware
Explorer | Level 3
8 years ago
Many thanks for your answers and your efforts to help me.

But, it is not about the Dropbox website.

I have made a Cordova app using javascript.
When the app starts first time, the user is guided to log in to a Dropbox account.
To do that, I use

var DROPBOX_APP_KEY = 'mydropboxappkey';
    var dbx = new Dropbox({clientId:DROPBOX_APP_KEY});
    dbx.authenticateWithCordova(
    function(accessToken)
    {

   //user is logged in
    });

The Dropbox login dialog is displayed in the app and the users can write the username and password and get access to their Dropbox .
Works fine!

My problem is that I would like to give the users opportunity to logout and login to another Dropbox account.
I can run the "dbx.revoke", and it works. The user have no longer access to the Dropbox.

Now I run the "dbx.authenticateWithCordova" again.
This time the Dropbox login dialog is not displayed.
But the user is logged automatically to the same account, and are not able to write another username and password.
The only way I can get the login dialog is to restart the app.

I hope this is clear what the problem is.
Greg-DB
Dropbox Community Moderator
8 years ago
It sounds like you're referring to the behavior of the Dropbox OAuth app authorization flow where, if the user has already authorized your app, then they may be automatically redirected back to your app instead of having to provide explicit authorization again. If the user fully revokes the app's authorization, e.g., via https://www.dropbox.com/account/security , though, then they will not be automatically redirected.

Apps can also control this behavior using the 'force_reapprove' parameter on /authorize:

https://www.dropbox.com/developers/documentation/http/documentation#oauth2-authorize

This isn't currently implemented in the official JavaScript SDK, but I'll be sure to pass this along as a feature request.
anthonyhaffey
Explorer | Level 4
8 years ago
So I tried sending the user to the logout page, but them logging in with a different profile doesn't seem to change which user is logged in with my javascript app.

Is there no way to change the output of dbx.getAuthenticationUrl to give a web address that'll automatically log the user out?

Forum Discussion

How to relink a user (revoke) using the javascript api.

14 Replies

About Dropbox API Support and Feedback

Related Content

Revoke credential

Using javascript to upload file to Dropbox

Get Access Token JavaScript in fetch

Revoke access token

Dropbox throws a javascript error

Recent Discussions

Classic ASP read folder for https file links.

Can't upload branding logo for app

Failed to Load Request Error when using Chooser API

list_folder is not returning media info

Receiving errors from Dropbox API