Need to see if your shared folder is taking up space on your dropbox 👨‍💻? Find out how to check here.

Forum Discussion

egurik's avatar
egurik
Explorer | Level 4
5 years ago
Solved

Implementing refresh tokens for objective-c applications

Hello there.   So, according to Your reminder: "on September 30th, 2021, the Dropbox OAuth flow will no longer return new long-lived access tokens. It will instead return short-lived access tokens,...
API
  • kylea's avatar
    kylea
    5 years ago

    The tokenExpirationTimestamp is a unix timestamp.  Parsing it should show ~4 hours until expiration, but expiration time is subject to change and should not be hardcoded. 

     

    The SDK should be handling requesting an updated access token from a refresh token for you.

     

    Refresh tokens don't expire; though end users can revoke the authentication.

kylea's avatar
kylea
Icon for Dropbox Staff rankDropbox Staff
5 years ago

The tokenExpirationTimestamp is a unix timestamp.  Parsing it should show ~4 hours until expiration, but expiration time is subject to change and should not be hardcoded. 

 

The SDK should be handling requesting an updated access token from a refresh token for you.

 

Refresh tokens don't expire; though end users can revoke the authentication.

  • egurik's avatar
    egurik
    Explorer | Level 4
    5 years ago

    Thanks for the reply!

     

    The tokenExpirationTimestamp is a unix timestamp.  Parsing it should show ~4 hours until expiration, but expiration time is subject to change and should not be hardcoded. 

    Thanks. Good to know. Although it wouldn't be bad if this fact was reflected in the documentation (with measure units + examples).

     

    Refresh tokens don't expire; though end users can revoke the authentication.

    Yes, sorry. I meant a short-lived access token.

     

    The SDK should be handling requesting an updated access token from a refresh token for you.

    It's of course very cool. Thanks. Just to confirm that we are on the same page: I should not call DBOAuthManager.

    refreshAccessToken explicitly? If a user does not sign out by himself then the SDK will not return the error 401?

     

     

    • Greg-DB's avatar
      Greg-DB
      Icon for Dropbox Community Moderator rankDropbox Community Moderator
      5 years ago

      That's correct, you don't need to call refreshAccessToken yourself. As long as you set things up as instructed, the SDK will handle all of that for you.

       

      And yes, as long as nothing specifically happens to invalidate the refresh token (such as the user unlinking the app, deleting their account, etc.) the refresh token will continue to be usable.

      • egurik's avatar
        egurik
        Explorer | Level 4
        5 years ago

        Thanks a lot!

About Dropbox API Support & Feedback

Node avatar for Dropbox API Support & Feedback
Find help with the Dropbox API from other developers.

The Dropbox Community team is active from Monday to Friday. We try to respond to you as soon as we can, usually within 2 hours.

If you need more help you can view your support options (expected response time for an email or ticket is 24 hours), or contact us on X, Facebook or Instagram.

For more info on available support options for your Dropbox plan, see this article.

If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!