<?xml version="1.0" encoding="UTF-8"?>
<rss xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:taxo="http://purl.org/rss/1.0/modules/taxonomy/" version="2.0">
  <channel>
    <title>topic API v2 access token validity in Dropbox API Support &amp; Feedback</title>
    <link>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/API-v2-access-token-validity/m-p/215123#M11058</link>
    <description>&lt;P&gt;Hi,&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;We're upgrading from v1 to v2 and the new oauth2 is still not clear to me.&lt;/P&gt;&lt;P&gt;On the API documentation pages it says that the code authorization flow gives you the access token (after you used the given code) and there is also told about a refresh token? That implies that the access code now has a expiration date? I hope not.&lt;BR /&gt;&lt;BR /&gt;I thought that the access tokens (for use as authorization bearer) were valid until revoked by user?&lt;BR /&gt;So where are the refresh tokens for or are they optional? Can we just use the access tokens and use that until our customer revokes access? If not, how does the refresh tokens work? Please give some PHP / cURL examples if the refresh tokens are required.&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;Thank you in advance!&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;</description>
    <pubDate>Wed, 29 May 2019 09:23:56 GMT</pubDate>
    <dc:creator>ralph86</dc:creator>
    <dc:date>2019-05-29T09:23:56Z</dc:date>
    <item>
      <title>API v2 access token validity</title>
      <link>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/API-v2-access-token-validity/m-p/215123#M11058</link>
      <description>&lt;P&gt;Hi,&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;We're upgrading from v1 to v2 and the new oauth2 is still not clear to me.&lt;/P&gt;&lt;P&gt;On the API documentation pages it says that the code authorization flow gives you the access token (after you used the given code) and there is also told about a refresh token? That implies that the access code now has a expiration date? I hope not.&lt;BR /&gt;&lt;BR /&gt;I thought that the access tokens (for use as authorization bearer) were valid until revoked by user?&lt;BR /&gt;So where are the refresh tokens for or are they optional? Can we just use the access tokens and use that until our customer revokes access? If not, how does the refresh tokens work? Please give some PHP / cURL examples if the refresh tokens are required.&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;Thank you in advance!&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;</description>
      <pubDate>Wed, 29 May 2019 09:23:56 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/API-v2-access-token-validity/m-p/215123#M11058</guid>
      <dc:creator>ralph86</dc:creator>
      <dc:date>2019-05-29T09:23:56Z</dc:date>
    </item>
    <item>
      <title>Re: API v2 access token validity</title>
      <link>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/API-v2-access-token-validity/m-p/215425#M11079</link>
      <description>The Dropbox API OAuth 2 implementation does not use refresh tokens. (Can you link to the part of the documentation that was confusing? We can look into clarifying it.)&lt;BR /&gt;&lt;BR /&gt;Dropbox API OAuth 2 access tokens don't expire, but can be revoked at any time by the user or app.&lt;BR /&gt;&lt;BR /&gt;Note that "authorization codes" are different, and do expire after a few minutes. They should only be used immediately once to get an access token.</description>
      <pubDate>Mon, 10 Apr 2017 18:01:35 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/API-v2-access-token-validity/m-p/215425#M11079</guid>
      <dc:creator>Greg-DB</dc:creator>
      <dc:date>2017-04-10T18:01:35Z</dc:date>
    </item>
    <item>
      <title>Re: API v2 access token validity</title>
      <link>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/API-v2-access-token-validity/m-p/215738#M11122</link>
      <description>&lt;P&gt;Thanks, clear!&lt;/P&gt;&lt;P&gt;I don't know where the specific page is located (I just browsed the docs).&lt;BR /&gt;&lt;BR /&gt;Another thing that isn't clear to me yet is the authorization page, the link differs in the doc.&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;&lt;STRONG&gt;This page says:&lt;/STRONG&gt;&lt;BR /&gt;&lt;SPAN&gt;&lt;A href="https://www.dropbox.com" target="_blank"&gt;https://www.dropbox.com&lt;/A&gt;&lt;STRONG&gt;/1/&lt;/STRONG&gt;oauth2/authorize?&lt;BR /&gt;&lt;/SPAN&gt;Page:&amp;nbsp;&lt;A href="https://www.dropbox.com/developers/reference/oauth-guide" target="_blank"&gt;https://www.dropbox.com/developers/reference/oauth-guide&lt;/A&gt;&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;&lt;STRONG&gt;While this page says:&lt;/STRONG&gt;&lt;BR /&gt;&lt;A href="https://www.dropbox.com/oauth2/authorize" target="_blank"&gt;https://www.dropbox.com/oauth2/authorize&lt;/A&gt;&lt;/P&gt;&lt;P&gt;Page:&amp;nbsp;&lt;A href="https://www.dropbox.com/developers/documentation/http/documentation" target="_blank"&gt;https://www.dropbox.com/developers/documentation/http/documentation&lt;/A&gt;&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;What's the difference?&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;Thanks again!&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;</description>
      <pubDate>Wed, 12 Apr 2017 08:24:45 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/API-v2-access-token-validity/m-p/215738#M11122</guid>
      <dc:creator>ralph86</dc:creator>
      <dc:date>2017-04-12T08:24:45Z</dc:date>
    </item>
    <item>
      <title>Re: API v2 access token validity</title>
      <link>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/API-v2-access-token-validity/m-p/215818#M11130</link>
      <description>Those two are effectively the same. The first one was built with API v1, but we added another route without that part of the URL since it can be used for both API v1 and API v2. You should use the second one, without the /1/.</description>
      <pubDate>Wed, 12 Apr 2017 17:59:03 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/API-v2-access-token-validity/m-p/215818#M11130</guid>
      <dc:creator>Greg-DB</dc:creator>
      <dc:date>2017-04-12T17:59:03Z</dc:date>
    </item>
    <item>
      <title>Re: API v2 access token validity</title>
      <link>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/API-v2-access-token-validity/m-p/215866#M11141</link>
      <description>Clear, thanks.</description>
      <pubDate>Wed, 12 Apr 2017 21:52:13 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/API-v2-access-token-validity/m-p/215866#M11141</guid>
      <dc:creator>ralph86</dc:creator>
      <dc:date>2017-04-12T21:52:13Z</dc:date>
    </item>
  </channel>
</rss>

