Need to see if your shared folder is taking up space on your dropbox 👨‍💻? Find out how to check here.

Forum Discussion

lalomores's avatar
lalomores
Helpful | Level 5
4 years ago
Solved

"App Authentication" for App (without tokens). Yet another migration from long lived tokens question

Hi there! I see there have been a lot of questions in the forum on this topic, so I'll just cut to the chase. My app is made in Meteor (NodeJS) and React. Clients of my app do not need to handle fi...
Developers
  • Greg-DB's avatar
    Greg-DB
    4 years ago

    lalomores Just like with long-lived access tokens, the user needs to manually authorize the app once to get the refresh token, which can then be stored and re-used without further manual user interaction. In that example, you can see where the SDK returns the refresh token, which is then set on the client, on this line: https://github.com/dropbox/dropbox-sdk-js/blob/main/examples/javascript/simple-backend/code_flow_example.js#L38 . You can store and programmatically re-use that 'token.result.refresh_token' value similar to how you would store and programmatically re-use a long-lived access token.

     

    The refresh token is used to programmatically retrieve new short-lived access tokens whenever needed, without the user necessarily present. Those new short-lived access tokens that get retrieved automatically are what are used to then make actual API calls, such as filesListFolder (or usersGetCurrentAccount, as in the example).

     

    Anyway, while Dropbox and the Dropbox API aren't really designed to be used as a CDN, we do recommend using the official SDK(s) whenever possible for accessing the Dropbox API. And using the app folder access type whenever that works for the use case is also a best practice.

Здравко's avatar
Здравко
Legendary | Level 20
4 years ago
dwissing wrote:

...  I don't really understand how this works, or where I can put the refresh token in order to use it to create a new Dropbox object.

Ok, I'm putting the example with enlightened line here again. Can you explain what exactly this line is doing (exactly this, no any other)? What will change if you replace the argument there to your refresh token literal? 🤔

Don't go fast! Relax little bit (as much as need). When you get ready, take a look on the line. What are you seeing there, what this line does actually? What if you put this line at the beginning? (next client object creation)

dwissing's avatar
dwissing
Explorer | Level 4
4 years ago

Thank you.  I think I have it now. 

 

I was thinking that you needed to already have the authenticated token before creating the new Dropbox object.

 

I didn't realize you could create an un-authenticated dbx object, and the call a method on it to authenticate.

 

I appreciate your patience and help.  🙂 

About Discuss Dropbox Developer & API

Node avatar for Discuss Dropbox Developer & API
Make connections with other developers

The Dropbox Community team is active from Monday to Friday. We try to respond to you as soon as we can, usually within 2 hours.

If you need more help you can view your support options (expected response time for an email or ticket is 24 hours), or contact us on X, Facebook or Instagram.

For more info on available support options for your Dropbox plan, see this article.

If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!