<?xml version="1.0" encoding="UTF-8"?>
<rss xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:taxo="http://purl.org/rss/1.0/modules/taxonomy/" version="2.0">
  <channel>
    <title>topic Each OAuth 2.0 re-authentication asks for user's permission in Dropbox API Support &amp; Feedback</title>
    <link>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/Each-OAuth-2-0-re-authentication-asks-for-user-s-permission/m-p/617875#M28452</link>
    <description>&lt;P&gt;Hello,&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;I'm developing JS SPA which uses Dropbox as a storage. It has no backend, thus I'm using OAuth 2.0 code flow with PKCE.&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;According to the documentation &lt;A href="https://developers.dropbox.com/oauth-guide:" target="_blank"&gt;https://developers.dropbox.com/oauth-guide:&amp;nbsp;&lt;/A&gt;&lt;/P&gt;&lt;P class="lia-indent-padding-left-30px"&gt;&amp;nbsp;&lt;/P&gt;&lt;P class="lia-indent-padding-left-30px"&gt;&lt;EM&gt;If the token expires - throwing a 401 error - your application may simply re-authenticate as described above. If your token is expired, but the user is signed into Dropbox and their&amp;nbsp;&lt;A href="https://help.dropbox.com/installs-integrations/third-party/third-party-apps" target="_blank"&gt;approval is still valid&lt;/A&gt;, the redirects will not require end-user input. A user’s approval remains valid until explicitly revoked.&lt;/EM&gt;&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;But if I redirect user to auth link, it still requires user to accept application and grant permissions.&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;Can I configure Dropbox to ask user for permissions only first time? So further token refresh will be seamless for user.&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;--&lt;/P&gt;&lt;P&gt;Thanks,&lt;/P&gt;&lt;P&gt;Serhii&lt;/P&gt;</description>
    <pubDate>Tue, 23 Aug 2022 21:25:25 GMT</pubDate>
    <dc:creator>serge30</dc:creator>
    <dc:date>2022-08-23T21:25:25Z</dc:date>
    <item>
      <title>Each OAuth 2.0 re-authentication asks for user's permission</title>
      <link>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/Each-OAuth-2-0-re-authentication-asks-for-user-s-permission/m-p/617875#M28452</link>
      <description>&lt;P&gt;Hello,&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;I'm developing JS SPA which uses Dropbox as a storage. It has no backend, thus I'm using OAuth 2.0 code flow with PKCE.&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;According to the documentation &lt;A href="https://developers.dropbox.com/oauth-guide:" target="_blank"&gt;https://developers.dropbox.com/oauth-guide:&amp;nbsp;&lt;/A&gt;&lt;/P&gt;&lt;P class="lia-indent-padding-left-30px"&gt;&amp;nbsp;&lt;/P&gt;&lt;P class="lia-indent-padding-left-30px"&gt;&lt;EM&gt;If the token expires - throwing a 401 error - your application may simply re-authenticate as described above. If your token is expired, but the user is signed into Dropbox and their&amp;nbsp;&lt;A href="https://help.dropbox.com/installs-integrations/third-party/third-party-apps" target="_blank"&gt;approval is still valid&lt;/A&gt;, the redirects will not require end-user input. A user’s approval remains valid until explicitly revoked.&lt;/EM&gt;&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;But if I redirect user to auth link, it still requires user to accept application and grant permissions.&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;Can I configure Dropbox to ask user for permissions only first time? So further token refresh will be seamless for user.&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;--&lt;/P&gt;&lt;P&gt;Thanks,&lt;/P&gt;&lt;P&gt;Serhii&lt;/P&gt;</description>
      <pubDate>Tue, 23 Aug 2022 21:25:25 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/Each-OAuth-2-0-re-authentication-asks-for-user-s-permission/m-p/617875#M28452</guid>
      <dc:creator>serge30</dc:creator>
      <dc:date>2022-08-23T21:25:25Z</dc:date>
    </item>
    <item>
      <title>Re: Each OAuth 2.0 re-authentication asks for user's permission</title>
      <link>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/Each-OAuth-2-0-re-authentication-asks-for-user-s-permission/m-p/617992#M28453</link>
      <description>&lt;P&gt;There isn't anything additional you should/can configure for this. Dropbox will automatically redirect through the flow when it can, but there are some exceptions. For example, it will only do so when an https:// redirect URI is supplied; it won't automatically redirect to http://. Also, if the user has &lt;A href="https://help.dropbox.com/accounts-billing/multiple-accounts/link-unlink-two-accounts" target="_blank"&gt;linked accounts&lt;/A&gt;, they won't be automatically redirected, as they need to select which account to use.&lt;/P&gt;</description>
      <pubDate>Wed, 24 Aug 2022 13:03:13 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/Each-OAuth-2-0-re-authentication-asks-for-user-s-permission/m-p/617992#M28453</guid>
      <dc:creator>Greg-DB</dc:creator>
      <dc:date>2022-08-24T13:03:13Z</dc:date>
    </item>
    <item>
      <title>Re: Each OAuth 2.0 re-authentication asks for user's permission</title>
      <link>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/Each-OAuth-2-0-re-authentication-asks-for-user-s-permission/m-p/618024#M28454</link>
      <description>&lt;P&gt;Greg,&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;Oh, I run app locally on &lt;A href="http://localhost" target="_blank" rel="noopener"&gt;http://localhost:3000&lt;/A&gt;&amp;nbsp;So that's a case.&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;Thank you!&lt;/P&gt;</description>
      <pubDate>Wed, 24 Aug 2022 14:41:41 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/Each-OAuth-2-0-re-authentication-asks-for-user-s-permission/m-p/618024#M28454</guid>
      <dc:creator>serge30</dc:creator>
      <dc:date>2022-08-24T14:41:41Z</dc:date>
    </item>
  </channel>
</rss>

