So i tried following this article about obtaining my perm app token. I did the exact steps. but it always gives me a different Token when i try to access the linkhttps://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/Tokens-only-valid-for-4-hours-from-app-console/td-p/425269am I doing something wrong here? it feels very confusing.

If you are referring to processing the OAuth app authorization flow, note that each time you do so, you will get a different access token (and refresh token, if you're requesting one). These values are expected to be different each time. You only need to process this flow when needed though. For instance, if you are requesting "offline" access, and so are receiving a refresh token, you should store and re-use the resulting refresh token, without processing the app authorization flow again. If you haven't already, I recommend reading the following resources for more information on this: https://developers.dropbox.com/oauth-guide https://www.dropbox.com/developers/documentation/http/documentation#authorization https://dropbox.tech/developers/migrating-app-permissions-and-access-tokens If something isn't working as expected or if you're still stuck on something, please show us what the problem is and we'll be happy to help however possible.

Hey there, this still isn't really working. the problem is the call for token just always expires so I cannot be able to get the code running for longer than 4 hours. please help

Dropbox is switching to issuing short-lived access tokens (and optional refresh tokens) instead of long-lived access tokens, so this is expected. You can find more information on this migration here. That being the case, you will get a short-lived access token by default. (You can identify a short-lived access token by the "sl." prefix.) Apps can still get long-term access by requesting "offline" access though, in which case the app receives a "refresh token" that can be used to retrieve new short-lived access tokens as needed, without further manual user intervention. You can find more information in the OAuth Guide and authorization documentation. While the change to only issue short-lived access tokens began on September 30th, we're releasing it gradually, so you may not have seen your app(s) affected until now. Once it applies to your app, it would apply regardless of the "Access token expiration" setting for your app, and that setting may no longer be available for your app. Note that if you are not the programmer responsible for this integration, you may need to get an update from them to support this.

So is it no way other than that to get a perm token? I don't think offline mode work and I need the old way to function. I think that's the only thing stopping the code to work now which is a perm token that does not expire after 4 hours

As the title says, I am trying to generate a refresh token, and then I would like to use the refresh token to get short lived Access tokens.There is a problem though, in that I'm not smart enough to understand the docs on the dropbox site, and all the other information I've found hasn't worked for me (A, B, C) or is in a language I don't understand.I have tried out all three examples from the github page, as well as user code from other questions on this site.I haven't got anything to work.The most I got wasError: 400 Client Error: Bad Request for url: api.dropboxapi.com/oauth2/tokenanddropbox.rest.RESTSocketError: Error connecting to "api.dropbox.com": [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1123)

Non expiring token kept on changing | The Dropbox Community

27 Replies

Replies have been turned off for this discussion

simatec1976
Explorer | Level 3
4 years ago
Thank you for your explanations. I integrated the authorization into our GUI and submitted the APP for production due to around 45,000 users of our plugin. How long does this test normally take? I currently have many users with problems and the support effort is currently very high. I hope that the app will be released for production soon so that users can use it normally again. The app is called: Backup-DropCloud Thanks in advance.
Greg-DB
Dropbox Community Moderator
4 years ago
simatec1976 That should be processed within a few business days. If you need help with a production request you can always open a ticket via https://www.dropbox.com/developers/contact .
simatec1976
Explorer | Level 3
4 years ago
Greg-DB
My request was denied because the app name doesn't match the plugin name.
Unfortunately, this name is already taken and I can't do anything about it
Greg-DB
Dropbox Community Moderator
4 years ago
simatec1976 I just checked on this, and it looks like you already have an open support ticket for that, so they'll follow up with you there soon.
simatec1976
Explorer | Level 3
4 years ago
Greg-DB
thx for your support.
Yes, I opened a ticket or replied to the rejection by email.
Unfortunately, the app can only be checked if you install the iot system iobroker.
That means there is no website or access to test it.
The whole thing is integrated in the plugin backitup for the iobroker.
simatec1976
Explorer | Level 3
4 years ago
Greg-DB
I've come a long way now.
However, I'm hanging on refresh_token with PKCE.
How can I do a refresh with the VERIFICATION_CODE.

I didn't want to work with client_secret.
with client_secret the example looks like this:

curl https://api.dropbox.com/oauth2/token \ -d grant_type=refresh_token \ -d refresh_token=<REFRESH_TOKEN> \ -u <APP_KEY>:<APP_SECRET>

Is there also a way to refresh_token with the VERIFICATION_CODE instead of the client_secret?
I really don't want the client_secet in the Source code
tahsini
Dropbox Staff
4 years ago
Hey simatec1976

To use the /oauth2/token with a refresh token that was retrieved via the PKCE flow to get a new short-lived access token without using the app secret would look like this:

curl https://api.dropbox.com/oauth2/token \ -d refresh_token=<REFRESH_TOKEN> \ -d grant_type=refresh_token \ -d client_id=<APP_KEY>

Forum Discussion

Non expiring token kept on changing

27 Replies

About Dropbox API Support & Feedback

Related Content

API access token expired

API access token expired

dropbox.exceptions.AuthError: expired access token

What's the correct way to handle expired access token

API Token Expired

Recent Discussions

/oauth2/authorize (code flow) redirects to http://www.dropbox.com/home instead of redirect_uri

Add id and .tag fields to DeletedMetadata in the API

Shared Link - Download in .NET

Dropbox API server root certificate changes for .Net

GetCurrentAccountAsync API Failing for some Team Members while using Impersonation