Revoke short-lived access token without revoking the refresh token

Question

I am using the HTTP API calls to access Dropbox. I'm trying to migrate from long-term access tokens to short-lived tokens. In order to do this, I need to test calling a refresh to get a new access token based on the refresh token. Unfortunately, the short-lived tokens take about four hours to expire, so it makes iterative development difficult.

Is there a way to revoke just the access token while leaving the refresh token intact? According to the docs (auth-token-revoke ) this call will revoke both the access token and the refresh token. This makes it hard to develop and debug the refresh process in our apps. Is there a way to force the access token to expire?

Greg-DB · Answer

No, unfortunately there currently isn't a way to revoke only the short-lived access token and not any corresponding refresh token,&nbsp;but I'll pass this along as a feature request. I can't promise if or when that might be implemented though.&nbsp;

jimbeauphloyd · Answer

OK, thanks for the reply!

Forum Discussion

Revoke short-lived access token without revoking the refresh token

2 Replies

About Dropbox API Support & Feedback

Related Content

Short lived access tokens only?

Python API Short-lived access token for Dropbox

Migrating to short-lived access tokens

Short lived token - Android user experience

short-lived access tokens

Recent Discussions

/oauth2/authorize (code flow) redirects to http://www.dropbox.com/home instead of redirect_uri

Add id and .tag fields to DeletedMetadata in the API

Shared Link - Download in .NET

Dropbox API server root certificate changes for .Net

GetCurrentAccountAsync API Failing for some Team Members while using Impersonation