Forum Discussion

jimbeauphloyd's avatar
jimbeauphloyd
Explorer | Level 3
4 years ago

Revoke short-lived access token without revoking the refresh token

I am using the HTTP API calls to access Dropbox. I'm trying to migrate from long-term access tokens to short-lived tokens. In order to do this, I need to test calling a refresh to get a new access token based on the refresh token. Unfortunately, the short-lived tokens take about four hours to expire, so it makes iterative development difficult. 

 

Is there a way to revoke just the access token while leaving the refresh token intact? According to the docs (auth-token-revoke ) this call will revoke both the access token and the refresh token. This makes it hard to develop and debug the refresh process in our apps. Is there a way to force the access token to expire?

  • Greg-DB's avatar
    Greg-DB
    Icon for Dropbox Staff rankDropbox Staff

    No, unfortunately there currently isn't a way to revoke only the short-lived access token and not any corresponding refresh token, but I'll pass this along as a feature request. I can't promise if or when that might be implemented though. 

About Dropbox API Support & Feedback

Node avatar for Dropbox API Support & Feedback
Find help with the Dropbox API from other developers.5,940 PostsLatest Activity: 24 hours ago
350 Following

If you need more help you can view your support options (expected response time for an email or ticket is 24 hours), or contact us on X or Facebook.

For more info on available support options for your Dropbox plan, see this article.

If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!