Take Your Search Game to the Next Level with Dropbox Dash  🚀✨ Curious how it works? Ask us here! 

Forum Discussion

AnkitKumarOjha's avatar
AnkitKumarOjha
New member | Level 1
2 months ago

Teams Access Token v/s User Access token

I am trying to access the teams folder and all the files and folders inside it for a particular member(not Admin) in my team using java sdk. According to my research and implementation we first need to generate teams access token(only by admin) then that can be used to create a teams client and then I can store this teams access token along with refresh token. Now when any team member signs in using OAuth slow i get the user access token which cannot be used to access the teams folder inside the user account , to achieve that we need to get the member Id of that user from the user access token we just got and then create a client using teamClient.asMember() then we specify the pathroot name space(team folderId) which we can get by listing all team folders from the team client and only after that we can get the team files and folders for a specific user. Please tell me if there is anything i have understood differently in this flow. If this flow is ideal then the teams access token is centralized for all members which is a huge dependency as it is short lived and expires and even if i implement the refresh token mechanism , this flow will need admin manual intervention if the refresh token changes which is possible in many cases. Can you provide a better solution for my this issue?

1 Reply

Sort By
  • DB-Des's avatar
    DB-Des
    Icon for Dropbox Engineer rankDropbox Engineer
    2 months ago

    Hi AnkitKumarOjha,

    Your understanding of team files interaction is accurate.

    Just to clarify a couple of things:

    we first need to generate teams access token(only by admin) then that can be used to create a teams client and then I can store this teams access token along with refresh token

    An app with team scopes can only be authorized by a team admin. Also, keep in mind that access tokens do expire, whereas refresh tokens do not. Refresh tokens can be securely stored, but access token will need to be regenerated as needed (using the corresponding refresh token).

    Now when any team member signs in using OAuth slow i get the user access token which cannot be used to access the teams folder inside the user account

    As mentioned above, team members cannot authorize apps with team scopes, unless they are admins. 

    If this flow is ideal then the teams access token is centralized for all members which is a huge dependency as it is short lived and expires and even if i implement the refresh token mechanism

    Keep in mind that when you use one of our official Dropbox SDKs, you do not need to implement all of the logic for the process of regenerating access tokens using a refresh token yourself. The SDK will do most of the work for you.

    I hope this information is helpful!

About Dropbox API Support & Feedback

Node avatar for Dropbox API Support & Feedback
Find help with the Dropbox API from other developers.5,989 PostsLatest Activity: 15 hours ago
378 Following

If you need more help you can view your support options (expected response time for an email or ticket is 24 hours), or contact us on X or Facebook.

For more info on available support options for your Dropbox plan, see this article.

If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!