We’re Still Here to Help (Even Over the Holidays!) - find out more here.
Forum Discussion
OAuth Updates for an App for just One Single User (Developer is only user) required ?
I received a mail from Dropbox announcing the Oauth updates by Sept 2021.
I have a very simple Single Page Java Script application - which runs in the browser not in node - and I use the Dropbox-sd...
I want to rework my existing very simple App that was based on the provided download example of the SDK to use the new authentication.
The provided new example that you suggested to me uses a local
server at the localhost domain listening to process messages on port 8080.
The whole code is written around this functionality. It receives the access token via this callback.
So my problem is that I cannot use this example since I have no local host because I dont use npm.
Might be that there is no solution for my simple case. Propably I would need a local server for the new authentication and therefore would need a npm environment.
But then dropbox in the future is no solution for a pure browser environment without npm.
But this should then be clearly stated in the documentation.
With kind regards
Martin Klein
Greg-DB
Dropbox Community Moderator
Dropbox Community ModeratorWhile our sample does run a local server using npm/node, npm/node is not the only option. You have your choice of server for your own app. You don't need to use npm/node in particle to integrate with the Dropbox API using the JavaScript SDK in the browser.
Also, the new authorization system does not actually change the requirements on authorization flow itself, such as redirect URIs. You still have the same options as before. For instance:
- if this is only for your own use, you can still manually input your own access token and now optionally refresh token without processing the OAuth flow each time
- if you do implement the OAuth flow, you still are not required to use a redirect URI. With the "code" flow, a redirect URI is still optional; if you don't use one the user just has to manually copy and paste the returned authorization code into the app
It sounds like in your case you probably just want to process the OAuth flow manually once for your own account to get a refresh token (redirect URI not required) and then plug the resulting refresh token in to the Dropbox constructor, along with the other parameters.
I tried now your first suggestion:
- if this is only for your own use, you can still manually input your own access token and now optionally refresh token without processing the OAuth flow each time
So in the Dropbox App Console I requested a Short Term Access Token (Short Term because the never ending one will disappear in the future). I inserted this manually in your sample code and of course that worked - but only for around 10 hours. Then I received a 401 error on the file list call.
So this means that I would have to do this manual request of a new access token basically every new day I use the app. Not really a solution !
But during the next days I will try your second suggestion and come back to you.
With kind regards
Martin Klein
- Greg-DB
Short-lived access tokens only last for a few hours, so if you need long-term access, you'd also need to plug in a refresh token. The refresh token can be used to get new short-lived access tokens on demand, without further manual interaction. The App Console doesn't offer the ability to get refresh tokens though, so you'd need to process the OAuth flow (which you can do manually just once if that's all you need) to get the refresh token.
Ok. Can you please point me to or provide me an example for a MANUAL OAuth flow that would provide me a refresh Token.
Many thanks and kind regards
Martin Klein
- Greg-DB
You can find examples in the authorization documentation, such as how the authorization URL should be formed for /oauth2/authorize, as well as how calls to /oauth2/token would be made using curl.
About Discuss Dropbox Developer & API
Make connections with other developers
