<?xml version="1.0" encoding="UTF-8"?>
<rss xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:taxo="http://purl.org/rss/1.0/modules/taxonomy/" version="2.0">
  <channel>
    <title>topic App authorization drops out after inactive period? in Dropbox API Support &amp; Feedback</title>
    <link>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/App-authorization-drops-out-after-inactive-period/m-p/639290#M29467</link>
    <description>&lt;P&gt;Hi&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;I noticed that some subset of my users' authorizations become invalid after some time and I do not believe that the users explicitly revoke my Application access.&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp; Is it possible that the authorization is revoked after the application folder has been idle/without modifications for some time (e.g. after a year or two)?&amp;nbsp;&amp;nbsp; If that is the case, is there any way to prevent this from happening?&amp;nbsp;&amp;nbsp; Note that I'm not talking about short lived access tokens here (which are marked as "token expired" error - these are addressed with refresh tokens and work fine).&amp;nbsp;&amp;nbsp; What I'm seeing is a more permanent failure ("invalid token").&amp;nbsp;&amp;nbsp;&amp;nbsp; These users have static files in the app folder for read access by the application.&amp;nbsp;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;As a workaround I'm sending an email to users once a year or so and ask them to re-authorize the app.. But there is probably a better way to handle that.&lt;/P&gt;</description>
    <pubDate>Fri, 25 Nov 2022 23:14:24 GMT</pubDate>
    <dc:creator>jjsk</dc:creator>
    <dc:date>2022-11-25T23:14:24Z</dc:date>
    <item>
      <title>App authorization drops out after inactive period?</title>
      <link>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/App-authorization-drops-out-after-inactive-period/m-p/639290#M29467</link>
      <description>&lt;P&gt;Hi&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;I noticed that some subset of my users' authorizations become invalid after some time and I do not believe that the users explicitly revoke my Application access.&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp; Is it possible that the authorization is revoked after the application folder has been idle/without modifications for some time (e.g. after a year or two)?&amp;nbsp;&amp;nbsp; If that is the case, is there any way to prevent this from happening?&amp;nbsp;&amp;nbsp; Note that I'm not talking about short lived access tokens here (which are marked as "token expired" error - these are addressed with refresh tokens and work fine).&amp;nbsp;&amp;nbsp; What I'm seeing is a more permanent failure ("invalid token").&amp;nbsp;&amp;nbsp;&amp;nbsp; These users have static files in the app folder for read access by the application.&amp;nbsp;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;As a workaround I'm sending an email to users once a year or so and ask them to re-authorize the app.. But there is probably a better way to handle that.&lt;/P&gt;</description>
      <pubDate>Fri, 25 Nov 2022 23:14:24 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/App-authorization-drops-out-after-inactive-period/m-p/639290#M29467</guid>
      <dc:creator>jjsk</dc:creator>
      <dc:date>2022-11-25T23:14:24Z</dc:date>
    </item>
    <item>
      <title>Re: App authorization drops out after inactive period?</title>
      <link>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/App-authorization-drops-out-after-inactive-period/m-p/639300#M29468</link>
      <description>&lt;DIV&gt;&lt;SPAN class=" author-d-42z69zz85zx9z84zz79zvz66zz71z4yz65zz67znhz79zc7fz89zz67z5z82zikmz70zz75ztz72zz83zuyz68zz122zz69z9z122zz122zv35e"&gt;By default, Dropbox API authorizations for your app don't become invalid and yield&lt;/SPAN&gt; &lt;SPAN class=" author-d-42z69zz85zx9z84zz79zvz66zz71z4yz65zz67znhz79zc7fz89zz67z5z82zikmz70zz75ztz72zz83zuyz68zz122zz69z9z122zz122zv35e h-apos"&gt;'invalid_access_token'&lt;/SPAN&gt;&lt;SPAN class=" author-d-42z69zz85zx9z84zz79zvz66zz71z4yz65zz67znhz79zc7fz89zz67z5z82zikmz70zz75ztz72zz83zuyz68zz122zz69z9z122zz122zv35e"&gt; by themselves, but there a number of different ways that a Dropbox API access token can become invalid, including:&lt;/SPAN&gt;&lt;/DIV&gt;
&lt;UL class="listtype-bullet listindent1 list-bullet1"&gt;
&lt;LI&gt;&lt;SPAN class=" author-d-42z69zz85zx9z84zz79zvz66zz71z4yz65zz67znhz79zc7fz89zz67z5z82zikmz70zz75ztz72zz83zuyz68zz122zz69z9z122zz122zv35e"&gt;the user (or team admin) can revoke all access tokens for an app by unlinking it on any of the following Dropbox web pages:&lt;/SPAN&gt;&lt;/LI&gt;
&lt;UL class="listtype-bullet listindent2 list-bullet2"&gt;
&lt;LI&gt;&lt;SPAN class="attrlink url author-d-42z69zz85zx9z84zz79zvz66zz71z4yz65zz67znhz79zc7fz89zz67z5z82zikmz70zz75ztz72zz83zuyz68zz122zz69z9z122zz122zv35e"&gt;&lt;A class="attrlink" href="https://www.dropbox.com/account/connected_apps" target="_blank" rel="noreferrer nofollow noopener" data-target-href="https://www.dropbox.com/account/connected_apps"&gt;the Connected apps page&lt;/A&gt;&lt;/SPAN&gt;&lt;/LI&gt;
&lt;LI&gt;&lt;SPAN class="attrlink url author-d-42z69zz85zx9z84zz79zvz66zz71z4yz65zz67znhz79zc7fz89zz67z5z82zikmz70zz75ztz72zz83zuyz68zz122zz69z9z122zz122zv35e"&gt;&lt;A class="attrlink" href="https://www.dropbox.com/security_checkup" target="_blank" rel="noreferrer nofollow noopener" data-target-href="https://www.dropbox.com/security_checkup"&gt;the Security checkup page&lt;/A&gt;&lt;/SPAN&gt;&lt;/LI&gt;
&lt;LI&gt;&lt;SPAN class="attrlink url author-d-42z69zz85zx9z84zz79zvz66zz71z4yz65zz67znhz79zc7fz89zz67z5z82zikmz70zz75ztz72zz83zuyz68zz122zz69z9z122zz122zv35e"&gt;&lt;A class="attrlink" href="https://www.dropbox.com/team/admin/settings/team_apps" target="_blank" rel="noreferrer nofollow noopener" data-target-href="https://www.dropbox.com/team/admin/settings/team_apps"&gt;the Team apps page&lt;/A&gt;&lt;/SPAN&gt;&lt;SPAN class=" author-d-42z69zz85zx9z84zz79zvz66zz71z4yz65zz67znhz79zc7fz89zz67z5z82zikmz70zz75ztz72zz83zuyz68zz122zz69z9z122zz122zv35e"&gt; on &lt;/SPAN&gt;&lt;SPAN class="attrlink url author-d-42z69zz85zx9z84zz79zvz66zz71z4yz65zz67znhz79zc7fz89zz67z5z82zikmz70zz75ztz72zz83zuyz68zz122zz69z9z122zz122zv35e"&gt;&lt;A class="attrlink" href="https://www.dropbox.com/team/admin/settings?role=work" target="_blank" rel="noreferrer nofollow noopener" data-target-href="https://www.dropbox.com/team/admin/settings?role=work"&gt;the Settings section of Business Admin console&lt;/A&gt; (for team-linked apps)&lt;/SPAN&gt;&lt;/LI&gt;
&lt;LI&gt;&lt;SPAN class=" author-d-42z69zz85zx9z84zz79zvz66zz71z4yz65zz67znhz79zc7fz89zz67z5z82zikmz70zz75ztz72zz83zuyz68zz122zz69z9z122zz122zv35e"&gt;the team member’s page on &lt;/SPAN&gt;&lt;SPAN class="attrlink url author-d-42z69zz85zx9z84zz79zvz66zz71z4yz65zz67znhz79zc7fz89zz67z5z82zikmz70zz75ztz72zz83zuyz68zz122zz69z9z122zz122zv35e"&gt;&lt;A class="attrlink" href="https://www.dropbox.com/team/admin/members?role=work" target="_blank" rel="noreferrer nofollow noopener" data-target-href="https://www.dropbox.com/team/admin/members?role=work"&gt;the Members section of the Business Admin console&lt;/A&gt;&lt;/SPAN&gt;&lt;/LI&gt;
&lt;/UL&gt;
&lt;LI&gt;&lt;SPAN class=" author-d-42z69zz85zx9z84zz79zvz66zz71z4yz65zz67znhz79zc7fz89zz67z5z82zikmz70zz75ztz72zz83zuyz68zz122zz69z9z122zz122zv35e"&gt;any client with the access token can revoke the access token by calling &lt;/SPAN&gt;&lt;SPAN class="attrlink url author-d-42z69zz85zx9z84zz79zvz66zz71z4yz65zz67znhz79zc7fz89zz67z5z82zikmz70zz75ztz72zz83zuyz68zz122zz69z9z122zz122zv35e"&gt;&lt;A class="attrlink" href="https://www.dropbox.com/developers/documentation/http/documentation#auth-token-revoke" target="_blank" rel="noreferrer nofollow noopener" data-target-href="https://www.dropbox.com/developers/documentation/http/documentation#auth-token-revoke"&gt;/2/auth/token/revoke&lt;/A&gt;&lt;/SPAN&gt;&lt;/LI&gt;
&lt;LI&gt;&lt;SPAN class="attrlink url author-d-42z69zz85zx9z84zz79zvz66zz71z4yz65zz67znhz79zc7fz89zz67z5z82zikmz70zz75ztz72zz83zuyz68zz122zz69z9z122zz122zv35e"&gt;&lt;A class="attrlink" href="https://help.github.com/en/github/administering-a-repository/about-token-scanning" target="_blank" rel="noreferrer nofollow noopener" data-target-href="https://help.github.com/en/github/administering-a-repository/about-token-scanning"&gt;the GitHub-Dropbox token scanning partnership&lt;/A&gt;&lt;/SPAN&gt;&lt;SPAN class=" author-d-42z69zz85zx9z84zz79zvz66zz71z4yz65zz67znhz79zc7fz89zz67z5z82zikmz70zz75ztz72zz83zuyz68zz122zz69z9z122zz122zv35e"&gt; can revoke access tokens found publicly posted on GitHub&lt;/SPAN&gt;&lt;/LI&gt;
&lt;LI&gt;&lt;SPAN class=" author-d-42z69zz85zx9z84zz79zvz66zz71z4yz65zz67znhz79zc7fz89zz67z5z82zikmz70zz75ztz72zz83zuyz68zz122zz69z9z122zz122zv35e"&gt;if the app uses the&lt;/SPAN&gt; &lt;SPAN class=" author-d-42z69zz85zx9z84zz79zvz66zz71z4yz65zz67znhz79zc7fz89zz67z5z82zikmz70zz75ztz72zz83zuyz68zz122zz69z9z122zz122zv35e h-quot"&gt;"app&lt;/SPAN&gt;&lt;SPAN class=" author-d-42z69zz85zx9z84zz79zvz66zz71z4yz65zz67znhz79zc7fz89zz67z5z82zikmz70zz75ztz72zz83zuyz68zz122zz69z9z122zz122zv35e"&gt; folder" access type, the access token can effectively be disabled by deleting the app folder itself in the Dropbox account, via &lt;/SPAN&gt;&lt;SPAN class="attrlink url author-d-42z69zz85zx9z84zz79zvz66zz71z4yz65zz67znhz79zc7fz89zz67z5z82zikmz70zz75ztz72zz83zuyz68zz122zz69z9z122zz122zv35e"&gt;&lt;A class="attrlink" href="https://www.dropbox.com/home" target="_blank" rel="noreferrer nofollow noopener" data-target-href="https://www.dropbox.com/home"&gt;the Dropbox website&lt;/A&gt;&lt;/SPAN&gt;&lt;SPAN class=" author-d-42z69zz85zx9z84zz79zvz66zz71z4yz65zz67znhz79zc7fz89zz67z5z82zikmz70zz75ztz72zz83zuyz68zz122zz69z9z122zz122zv35e"&gt; or any client&lt;/SPAN&gt;&lt;/LI&gt;
&lt;LI&gt;&lt;SPAN class=" author-d-42z69zz85zx9z84zz79zvz66zz71z4yz65zz67znhz79zc7fz89zz67z5z82zikmz70zz75ztz72zz83zuyz68zz122zz69z9z122zz122zv35e"&gt;the app can be disabled&lt;/SPAN&gt;&lt;/LI&gt;
&lt;LI&gt;&lt;SPAN class=" author-d-42z69zz85zx9z84zz79zvz66zz71z4yz65zz67znhz79zc7fz89zz67z5z82zikmz70zz75ztz72zz83zuyz68zz122zz69z9z122zz122zv35e"&gt;the account that owns the app can be disabled&lt;/SPAN&gt;&lt;/LI&gt;
&lt;LI&gt;&lt;SPAN class=" author-d-42z69zz85zx9z84zz79zvz66zz71z4yz65zz67znhz79zc7fz89zz67z5z82zikmz70zz75ztz72zz83zuyz68zz122zz69z9z122zz122zv35e"&gt;the connected account/team can be disabled&lt;/SPAN&gt;&lt;/LI&gt;
&lt;/UL&gt;</description>
      <pubDate>Sat, 26 Nov 2022 03:10:05 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/App-authorization-drops-out-after-inactive-period/m-p/639300#M29468</guid>
      <dc:creator>Greg-DB</dc:creator>
      <dc:date>2022-11-26T03:10:05Z</dc:date>
    </item>
    <item>
      <title>Re: App authorization drops out after inactive period?</title>
      <link>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/App-authorization-drops-out-after-inactive-period/m-p/639302#M29469</link>
      <description>&lt;P&gt;Thank you for the info.&amp;nbsp;&amp;nbsp; Does the user account itself become inactive after a while?&amp;nbsp; Lets say a user signed up for the app, authorized the folder with some content (in my case they are sound samples)&amp;nbsp; and then logged off and never logged back in...&amp;nbsp;&amp;nbsp;&amp;nbsp; Would user's inactivity at the dropbox site eventually put them in some sort of a dormant or archived state? &amp;nbsp; I can't think of a likely reason for losing access from the ones you listed above..&amp;nbsp;&amp;nbsp;&amp;nbsp; thanks.&lt;/P&gt;</description>
      <pubDate>Sat, 26 Nov 2022 03:21:46 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/App-authorization-drops-out-after-inactive-period/m-p/639302#M29469</guid>
      <dc:creator>jjsk</dc:creator>
      <dc:date>2022-11-26T03:21:46Z</dc:date>
    </item>
    <item>
      <title>Re: App authorization drops out after inactive period?</title>
      <link>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/App-authorization-drops-out-after-inactive-period/m-p/639304#M29470</link>
      <description>&lt;P&gt;Yes, inactive accounts may be automatically disabled after a long period of time. You can find &lt;A href="https://help.dropbox.com/account-access/email-about-inactive-account" target="_blank"&gt;information on that here&lt;/A&gt;.&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;It sounds like your app uses "app folder" access though, so it may be likely that some users are accidentally deleting the app folder, since that can be done from any connected client or the web site.&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;In any case, i&lt;SPAN class=" author-d-42z69zz85zx9z84zz79zvz66zz71z4yz65zz67znhz79zc7fz89zz67z5z82zikmz70zz75ztz72zz83zuyz68zz122zz69z9z122zz122zv35e"&gt;f the Dropbox API doesn't appear to be working as expected, feel free to contact support by &lt;/SPAN&gt;&lt;SPAN class="attrlink url author-d-42z69zz85zx9z84zz79zvz66zz71z4yz65zz67znhz79zc7fz89zz67z5z82zikmz70zz75ztz72zz83zuyz68zz122zz69z9z122zz122zv35e"&gt;&lt;A class="attrlink" href="https://www.dropbox.com/developers/contact" target="_blank" rel="noreferrer nofollow noopener" data-target-href="https://www.dropbox.com/developers/contact"&gt;opening an API ticket&lt;/A&gt; with some samples and we can look into it&lt;/SPAN&gt;&lt;SPAN class=" author-d-42z69zz85zx9z84zz79zvz66zz71z4yz65zz67znhz79zc7fz89zz67z5z82zikmz70zz75ztz72zz83zuyz68zz122zz69z9z122zz122zv35e"&gt;.&lt;/SPAN&gt;&lt;/P&gt;</description>
      <pubDate>Sat, 26 Nov 2022 03:35:28 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/App-authorization-drops-out-after-inactive-period/m-p/639304#M29470</guid>
      <dc:creator>Greg-DB</dc:creator>
      <dc:date>2022-11-26T03:35:28Z</dc:date>
    </item>
    <item>
      <title>Re: App authorization drops out after inactive period?</title>
      <link>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/App-authorization-drops-out-after-inactive-period/m-p/639306#M29471</link>
      <description>&lt;P&gt;I see this makes more sense now. I appreciate the explanation. &amp;nbsp; One last question :&amp;nbsp; if my app makes some io to the app folder (eg. saves a new file)&amp;nbsp; would that be sufficient to maintain access and prevent an account from idle deactivation?&amp;nbsp;&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;I suspect that some of my users, even though interested in sharing, simply forget about their account once they published the files.&amp;nbsp; They continue to access the files via a separate search web site which uses the token to retrieve the files on demand and after a year or two suddenly no longer able to access them.&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;</description>
      <pubDate>Sat, 26 Nov 2022 03:43:14 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/App-authorization-drops-out-after-inactive-period/m-p/639306#M29471</guid>
      <dc:creator>jjsk</dc:creator>
      <dc:date>2022-11-26T03:43:14Z</dc:date>
    </item>
    <item>
      <title>Re: App authorization drops out after inactive period?</title>
      <link>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/App-authorization-drops-out-after-inactive-period/m-p/639493#M29476</link>
      <description>&lt;P&gt;Yes, according to &lt;A href="https://help.dropbox.com/account-access/email-about-inactive-account" target="_blank"&gt;the article&lt;/A&gt;, activity is based on "sign-ins, file shares, and file activity (adding, editing, or deleting)", so that should work.&lt;/P&gt;</description>
      <pubDate>Sun, 27 Nov 2022 19:20:07 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/App-authorization-drops-out-after-inactive-period/m-p/639493#M29476</guid>
      <dc:creator>Greg-DB</dc:creator>
      <dc:date>2022-11-27T19:20:07Z</dc:date>
    </item>
  </channel>
</rss>

