We're making changes to the Community, so you may have received some notifications - thanks for your patience and welcome back. Learn more here.
Forum Discussion
nitish166
3 years agoHelpful | Level 5
Need Permanant Access token for drop box
Hi All,
Good day...!!!
I'm Nitish Kumar from India. I'm a software engineer. Currently, I'm working on one of the projects using node js where I'm using dropbox API with the access token. ev...
- 3 years ago
Dropbox is in the process of switching to only issuing short-lived access tokens (and optional refresh tokens) instead of long-lived access tokens. You can find more information on this migration here.
Apps can still get long-term access by requesting "offline" access though, in which case the app receives a "refresh token" that can be used to retrieve new short-lived access tokens as needed, without further manual user intervention. You can find more information in the OAuth Guide and authorization documentation. You can find an example of using refresh tokens with the JavaScript SDK here.
For reference, while the creation of new long-lived access tokens is now deprecated, we don't currently have a plan to disable existing long-lived access tokens. (If that changes, we will of course announce that ahead of time.) That being the case, you can continue using existing long-lived access token(s) without interruption, if you have any. Also, note though that after the change you won't be able to create new long-lived access tokens.
While the change began on September 30th 2021, we're releasing it gradually, so you may not have seen your app(s) affected until now. Once it applies to your app, it would apply regardless of the "Access token expiration" setting for your app, and that setting may no longer be available for your app.
nitish166
Helpful | Level 5
MG2L
3 years agoExplorer | Level 3
Hi
I just encountered the new authentication way issue with the official node SDK.
I need a long life token to run on my backend server that requests regularly my files on dropbox.
I understand the need to refresh the short live token, but I don't understand how to perform that.
The provided example https://github.com/dropbox/dropbox-sdk-js/blob/b5631e4b5b0e9eb6d3297e1ee57ad29a63d49898/examples/javascript/PKCE-backend/code_flow_example.js doesn't help because this is not my use case (my app is a backend app, not a frontend one). I can't use getAuthenticationUrl because I don't have to use a redirect url
Here is a sample of my dropbox service https://gist.github.com/tangb/f749af0f95a1db03cc1c0abf5a8ed03d
As you can see I instanciate my dropbox SDK in my constructor using my token (which is now always a short-lived token). All this code worked before I update my token.
Anyway, I have some questions:
- why the sdk does not automatically handle refresh token (it should have all necessary to perform this itself no ?)
- how to refresh my token by myself using my code ? I understand I need to handle 401 http status and request a new short-lived token using a refresh token, but where can I find it ? In my app console panel, I only find a token, not the refresh token ? Do I use the clientId/clientSecret ?... is there and example to illustrate the process ?
Thank you very much for your help 😉
- Greg-DB3 years agoDropbox Staff
MG2L Здравко is correct; the Dropbox JavaScript SDK does perform the refresh process for you automatically as long as you provide the necessary credentials (e.g., the refresh token), as shown the example. (You can also call refreshAccessToken in the SDK explicitly if you want to for whatever reason, but it's not necessary.) And as Здравко illustrated, you have to use the OAuth app authorization flow to get a refresh token.
Also, you can technically use getAuthenticationUrl without a redirect URI, by setting the parameter to null, as long as you're using the "code" flow (e.g., as shown in that example). In that case, the user would just need to manually copy/paste the resulting authorization code back into the app.
- MG2L3 years agoExplorer | Level 3
Hi
First of all thank you very much for your help.
I noted dropbox node sdk will refresh automatically my token if it expires.
I sucessfully tryed the manual procedure provided by Здравко (request url in my browser, perform curl request to get code and use it in my backend) but I can't request a "code" from my backend while the request form will wait for an the form to be validated. So I still do not understand how to connect the first time (after each deployment) using the node SDK.
In all usecases I already encountered in my developer life (;-)), I usually need to provide a clientId/clientSecret most often encrypted in base64 (concat with special char between) and the SDK will automatically handle all auth stuff (auth -> refresh_token -> expiration -> new refresh token).
In my mind, I just need to create my Dropbox objet with appropriate parameters and the sdk magically do the rest. In other words my backend must handles the authentication process by itself without human intervention to provide a code.
Maybe I missed something somewhere on your answers :S
Maybe there is some piece of code somewhere ?
Or maybe there is a way to generate a permanent access token with manual procedure ?
Thank you again for your help. It is really appreciated 😉
- Greg-DB3 years agoDropbox Staff
MG2L The user does need to process the app authorization flow manually at least once to authorize the app. That produces an authorization code that can be used once to retrieve the access token and optional refresh token. The refresh token can be stored and re-used without manual user interaction though. Even if you are the only user of your app, you'll need to do that manually once. In addition to the outline that Здравко linked to, you can see an example of the OAuth app authorization flow implemented with the JavaScript SDK in particular here.
About Discuss Dropbox Developer & API
795 PostsLatest Activity: 3 days ago
If you need more help you can view your support options (expected response time for an email or ticket is 24 hours), or contact us on X or Facebook.
For more info on available support options for your Dropbox plan, see this article.
If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!