Switching users in app

Question

Hi All&nbsp;is it possible (in a test app) to login as user 1, view files etc, then log out and log in as user 2, view their files etc?&nbsp;My app is using an OAuth2 flow in .net, its a windows forms app.during the authentication routine, it opens a browser window and presents the login page. the access token is then kept to validate operations.&nbsp;when logging out, i remove the access token (set to string.empty), in addition - ive also sent a&nbsp;TokenRevokeAsync request. after awaiting that event it loads up the login browser and immediately restores the previous access token.&nbsp;Im using the Developer API for .net (official)&nbsp;&nbsp;the method on the login form(browser) that is called, is:        Public Sub Start(ByVal appKey As String)
            Me.oauth2State = Guid.NewGuid().ToString("N")
            Dim authorizeUri = DropboxOAuth2Helper.GetAuthorizeUri(OAuthResponseType.Token, appKey, New Uri(RedirectUri), oauth2State, False, False)
            Me.Browser.Navigate(authorizeUri)
        End Subthen:      Private Sub BrowserNavigating(ByVal sender As Object, ByVal e As NavigatingCancelEventArgs)
            If (Not e.Uri.ToString().StartsWith(RedirectUri, StringComparison.OrdinalIgnoreCase)) Then
                ' we need to ignore all navigation that isn't to the redirect uri.
                Return
            End If

Try
                    Dim Result As OAuth2Response = DropboxOAuth2Helper.ParseTokenFragment(e.Uri)
                If (Result.State &lt;&gt; Me.oauth2State) Then
                    Return
                End If
                Me.AccessToken = Result.AccessToken
                    Me.Uid = Result.Uid
                    Me.Result = True
                Catch eww As ArgumentException
                    ' There was an error in the URI passed to ParseTokenFragment
                Finally
                    e.Cancel = True
                    newAttempt = False
                    Me.Browser.Navigate("about:blank") ' nav away
                    Me.Hide()
                End Try
        End SubCould anyone suggest anything to make this work?&nbsp;BTW: on first run, there is no credential stored so i know this is something to do with cached credentials.

Greg-DB · Answer

You can certainly switch users by switching access tokens, as you're attempting to do. It sounds like the issue is that when you direct the user to authorize the app a second time, they're being automatically redirected back to your app, along with a (new) access token for that same account.
&nbsp;
This can happen if the user is still logged in to the&nbsp;Dropbox web site and has already authorized the API app.
&nbsp;
If instead you want to avoid this behavior and make sure the user has a chance to switch accounts, you can set the forceReapprove parameter to true on&nbsp;DropboxOAuth2Helper.GetAuthorizeUri:
&nbsp;
https://dropbox.github.io/dropbox-sdk-dotnet/html/M_Dropbox_Api_DropboxOAuth2Helper_GetAuthorizeUri.htm

knight2601 · Answer

Hi, I've tried that, it just auths&nbsp;them in to that same account but asks for permission to connect to their dropbox.&nbsp;i've tried deleting local cookies, creating new browser controls (incase it was an IE caching issue) to no avail.&nbsp;It's being cached in the app/api somewhere, if i close the app and reload it, its clean and prompts for login with no token, does the API cache the last key and return it instead of a new auth run?&nbsp;Andy

Greg-DB · Answer

You didn't mention where/when you actually switched accounts. Did you do so? When using forceReapprove=true, you would need to manually (as the user on the Web site) switch the account you're logged in to by logging out and then logging in as the other account, before authorizing the app again.

knight2601 · Answer

Hi&nbsp;The app is a Windows desktop app (wpf), process:Load test appSelect user - if credentials (token) doesnt exist for that user already (in app storage) - then the app directs user to a browser control to auth with dropbox.at this time the user can retrieve lists, download, upload etc..switch accounts in the app, (if credentials (token) exists in the app for that user, then dropbox will list/operate on the correct user account).(the first time it auths in dropbox - it's fine) 2nd login auth attempt: If the credentials don't exist then user is directed to auth in dropbox, but dropbox immediately returns the authorize token from the previous user, if force is on in the connection - then dropbox shows the previous user info and asks for connection to their dropbox account.the logout method i have - just clears the accesstoken, in the app, for the logged in user. I've tried calling the relevant endpoint to invalidate the token, but thats the wrong usage of that procedure as a new access token isnt required, just the most recent user logged in.&nbsp;so it looks like either:the app is caching the response? I've tried removing the application cookies (using Windows.Application.SetCookie method, I've destroyed the browser and using XAMLwriter - created a new browser control in the form, deleted all relevant cookies from the cookie folder in windows (contains 'www.dropbox.com' &amp; '__Host-js_csrf').dropbox api endpoint is caching the response?So just to be clear: Its the second login to dropbox browser auth routine that is returning the 1st token, not the second.&nbsp;Maybe i need to do something to notify dropbox of the user logging out?&nbsp;&nbsp;Any ideas?&nbsp;Andy

Greg-DB · Answer

Can you share a sample project showing the issue? That should help us see exactly where the problem is happening. Thanks in advance!

Forum Discussion

Switching users in app

10 Replies

About Dropbox API Support & Feedback

Related Content

Switching accounts on the app.

Can't open the Dropbox app after the user folder name changed

can other users use my app ?

how to check team space support for user-linked apps

Switching emails on an acount

Recent Discussions

API Path Resolution Issue with Lambda Function

Dropbox Cursor Behavior

Wrong Oauth2 Token

OAuth using laravel 11

playback streaming Issue