We’re Still Here to Help (Even Over the Holidays!) - find out more here.
Forum Discussion
Non expiring token kept on changing
So i tried following this article about obtaining my perm app token. I did the exact steps. but it always gives me a different Token when i try to access the link https://www.dropboxforum.com/t5/Dro...
This is very difficult and it is a pity that the previous use is no longer possible.
we currently have around 45,000 users of the backup plugin.
You can imagine what that means for me in terms of support when the users come and write that the upload to Dropbox is no longer working.
I looked at the authorization and don't really understand why a redirect url is required.
We also offer other cloud services such as GoogleDrive and Nextcloud in our plugin.
And I think that something might have to be changed here, especially with picking up the access code from Dropbox.
I can now try to install this in the configuration menu of our plugin, but this topic redirect url is proving to be difficult.
Could one also work without redirect and still get the refresh_token with the code?
we currently have around 45,000 users of the backup plugin.
You can imagine what that means for me in terms of support when the users come and write that the upload to Dropbox is no longer working.
I looked at the authorization and don't really understand why a redirect url is required.
We also offer other cloud services such as GoogleDrive and Nextcloud in our plugin.
And I think that something might have to be changed here, especially with picking up the access code from Dropbox.
I can now try to install this in the configuration menu of our plugin, but this topic redirect url is proving to be difficult.
Could one also work without redirect and still get the refresh_token with the code?
Greg-DB
Dropbox Community Moderator
Dropbox Community Moderatorsimatec Whether using the old long-lived access tokens, or new short-lived access tokens/refresh tokens, 'redirect_uri' is optional when you're using 'response_type=code' (such as for the standard code flow for server-side apps, or PKCE flow for client-side apps). When it is omitted, the user is presented with the authorization code directly on the Dropbox web site after authorizing the app, which they would then copy/paste into the third party app for it to complete the flow, that is, calling /oauth2/token to get the resulting access token/refresh token.
Thank you for your explanations. I integrated the authorization into our GUI and submitted the APP for production due to around 45,000 users of our plugin. How long does this test normally take? I currently have many users with problems and the support effort is currently very high. I hope that the app will be released for production soon so that users can use it normally again. The app is called: Backup-DropCloud Thanks in advance.
- Greg-DB
simatec1976 That should be processed within a few business days. If you need help with a production request you can always open a ticket via https://www.dropbox.com/developers/contact .
My request was denied because the app name doesn't match the plugin name.
Unfortunately, this name is already taken and I can't do anything about it
- Greg-DB
simatec1976 I just checked on this, and it looks like you already have an open support ticket for that, so they'll follow up with you there soon.
thx for your support.
Yes, I opened a ticket or replied to the rejection by email.
Unfortunately, the app can only be checked if you install the iot system iobroker.That means there is no website or access to test it.
The whole thing is integrated in the plugin backitup for the iobroker.I've come a long way now.
However, I'm hanging on refresh_token with PKCE.
How can I do a refresh with the VERIFICATION_CODE.
I didn't want to work with client_secret.
with client_secret the example looks like this:
curl https://api.dropbox.com/oauth2/token \ -d grant_type=refresh_token \ -d refresh_token=<REFRESH_TOKEN> \ -u <APP_KEY>:<APP_SECRET>
Is there also a way to refresh_token with the VERIFICATION_CODE instead of the client_secret?I really don't want the client_secet in the Source code
tahsiniDropbox Staff
Hey simatec1976
To use the /oauth2/token with a refresh token that was retrieved via the PKCE flow to get a new short-lived access token without using the app secret would look like this:
curl https://api.dropbox.com/oauth2/token \ -d refresh_token=<REFRESH_TOKEN> \ -d grant_type=refresh_token \ -d client_id=<APP_KEY>
About Dropbox API Support & Feedback
Find help with the Dropbox API from other developers.
