Refreshing short live tokens without Consumer Key and Consumer Secrect

Question

Dear all,&nbsp;we are updating our code in order to support refresh token. We need backgroud renewal of the token.We are using the JAVA version of the API.It seems that in order to update the token (to refresh the short lived token)&nbsp;it is mandatory to store in the code the following secret information (Consumer Key and Consumer Secrect):ApiKey and ApiSecret&nbsp;DbxRequestConfig requests&nbsp;ApiKey and ApiSecret in order to refresh the token.https://dropbox.github.io/dropbox-sdk-java/api-docs/v3.1.x/com/dropbox/core/oauth/DbxCredential.html&nbsp;Is there another solution that avoids to write the&nbsp;Consumer Key and Consumer Secrect within the code?&nbsp;Thanks to all

Greg-DB · Accepted Answer

Yes, you can use the "PKCE" flow to process "offline" access without having the app secret. You can find an example of running this with the Java SDK here:
&nbsp;
https://github.com/dropbox/dropbox-sdk-java/blob/master/examples/authorize/src/main/java/com/dropbox/core/examples/authorize/PkceAuthorize.java

Forum Discussion

Refreshing short live tokens without Consumer Key and Consumer Secrect

2 Replies

About Dropbox API Support & Feedback

Related Content

Dropbox online-only consuming hard drive space.

Massive download at startup is consuming huge download bandwidth

Dropbox online-only consuming hard drive space on Windows

Refresh Token Url

Get refresh token from access token?

Recent Discussions

Invalid shared folder ID when trying to mount

Is There a Dropbox API Equivalent for Zipping Selected Files (Like the Web UI)?

Server-side alphabetical sorting for filesListFolder API - Any updates or workarounds?

Retrieve folders recursively

SSL Certificate error or SSH md5 fingerprint not Ok error.