One month down in 2025: How are your resolutions coming along? Check out how to get back on track here.
Forum Discussion
good_boy
7 years agoExplorer | Level 4
Keep getting new access token
I can successfully authenticate Dropbox in my Phonegap app the first time, but I keep getting a new one if the button is pressed again, why is that? Shouldn't it return the same token again?
And there is a blank screen which appears. I have seen many dirty solution to change the inappbrowser.js code itself. this is problematic, since the plugin can't be edited if I have to compile the app for multiple platforms from an online build service.
What is your suggestion for a proper implementation, where authorization happens only once if successful and stored indefinitely in the app without concern if the app cache is cleared by user and a blank page is also not displayed?
At present I have this basic implementation, in index.html
<button onclick="authenticateWithCordova()">Authenticate</button>
<script>
function authenticateWithCordova() { var dbx = new window.Dropbox.Dropbox({ clientId: 'xxxxxxxxxx' }); dbx.authenticateWithCordova(AuthSuccess,AuthFail); } function AuthSuccess(accessToken) { localStorage.accessToken = accessToken; console.log(accessToken); } function AuthFail() { alert("Auth Fail"); }
</script>
- Greg-DB
Dropbox Staff
You are not supposed to get the same access token on different app authorizations. Each time you go through the flow, you will get a different one. You generally should store and re-use the access token you get so that the user doesn't have to process the app authorization flow every time.
Can you elaborate on the issue you're referring to when you mention the "blank screen"?
- good_boyExplorer | Level 4
If the user is authorizing for the first time, the inappbrowser in Cordova opens the dropbox login web address which allows the user to login and authorize the app, which returns an access token.
But if the button is pressed again, the inappbrowser would open momentarily and then close immediately and return the new access token.
So to a user a blank screen is shown for 1-2 seconds, then it closes.
- Greg-DB
Dropbox Staff
Thanks! It sounds like you're referring to the behavior of the Dropbox OAuth app authorization flow where, if the user has already authorized your app, then they may be automatically redirected back to your app instead of having to provide explicit authorization again. (This is when the browser would presented momentarily, but then would be automatically dismissed since the authorization flow automatically completed.) If the user fully revokes the app's authorization, e.g., via https://www.dropbox.com/account/security , though, then they will not be automatically redirected.
Apps can also control this behavior using the 'force_reapprove' parameter on /authorize:
https://www.dropbox.com/developers/documentation/http/documentation#oauth2-authorize
This isn't currently implemented in the official JavaScript SDK, but I'll be sure to pass this along as a feature request.
About Dropbox API Support & Feedback
Find help with the Dropbox API from other developers.5,947 PostsLatest Activity: 17 minutes ago
If you need more help you can view your support options (expected response time for an email or ticket is 24 hours), or contact us on X or Facebook.
For more info on available support options for your Dropbox plan, see this article.
If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!