<?xml version="1.0" encoding="UTF-8"?>
<rss xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:taxo="http://purl.org/rss/1.0/modules/taxonomy/" version="2.0">
  <channel>
    <title>topic Re: What if I want the User to login each time in Dropbox API Support &amp; Feedback</title>
    <link>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/What-if-I-want-the-User-to-login-each-time/m-p/247588#M14183</link>
    <description>&lt;P&gt;Finally, I was able to test it with https and it works perfectly. In fact, if I follow this approach, it works automatically, asking for login only once and then navigating automatically. This is great.&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;Thanks,&lt;/P&gt;
&lt;P&gt;Sanjay&lt;/P&gt;</description>
    <pubDate>Wed, 18 Oct 2017 02:22:39 GMT</pubDate>
    <dc:creator>sanjayssk</dc:creator>
    <dc:date>2017-10-18T02:22:39Z</dc:date>
    <item>
      <title>What if I want the User to login each time</title>
      <link>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/What-if-I-want-the-User-to-login-each-time/m-p/247101#M14122</link>
      <description>&lt;P&gt;I don't want to keep my own user membership db and login logic for my web app. My web app is going to be only for Dropbox and I want to rely on Dropbox Login only. Otherwise, saving the access token means, I have to associate it with the Email of the user. That means, I have to have my own login system asking Email of the user first before using the access token for Dropbox.&amp;nbsp;I want to avoid all that login system.&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;That means, the web app will work the following way:&lt;/P&gt;
&lt;P&gt;1) There is no membership db or cookie so it remembers nothing about a user.&lt;/P&gt;
&lt;P&gt;2) Every time, the user wants to access it, he clicks on a "Login to Dropbox" button.&lt;/P&gt;
&lt;P&gt;3) Since Dropbox handles auto-login, the "Allow" screen comes up from Dropbox. Clicking on Allow starts the web app with its own folder.&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;That means, the app goes through the Oauth2 initial logic (2 steps) to get authorization code and then get access token each time.&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;Questions:&lt;/P&gt;
&lt;P&gt;1) Is this 2-click usage acceptable behavior for a web app as per your policy?&amp;nbsp;&lt;/P&gt;
&lt;P&gt;2) If not, is there any scheme by which I can eliminate just Step 3? Then the user just clicks the Login button and the web app starts.&amp;nbsp;&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;Thanks.&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;</description>
      <pubDate>Wed, 29 May 2019 09:18:13 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/What-if-I-want-the-User-to-login-each-time/m-p/247101#M14122</guid>
      <dc:creator>sanjayssk</dc:creator>
      <dc:date>2019-05-29T09:18:13Z</dc:date>
    </item>
    <item>
      <title>Re: What if I want the User to login each time</title>
      <link>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/What-if-I-want-the-User-to-login-each-time/m-p/247104#M14124</link>
      <description>Just to clarify, I will be saving the access token in the Session only but not in any db.</description>
      <pubDate>Mon, 16 Oct 2017 05:03:31 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/What-if-I-want-the-User-to-login-each-time/m-p/247104#M14124</guid>
      <dc:creator>sanjayssk</dc:creator>
      <dc:date>2017-10-16T05:03:31Z</dc:date>
    </item>
    <item>
      <title>Re: What if I want the User to login each time</title>
      <link>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/What-if-I-want-the-User-to-login-each-time/m-p/247235#M14139</link>
      <description>&lt;P&gt;1) Unfortunately we can't provide any absolute guarantee of your app's compliance based on a description, so you should be sure to review all the guidelines and terms before developing an app:&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;&lt;A href="https://www.dropbox.com/developers/reference/tos" target="_blank"&gt;https://www.dropbox.com/developers/reference/tos&lt;/A&gt;&lt;BR /&gt;&lt;A href="https://www.dropbox.com/developers/reference/devguide" target="_blank"&gt;https://www.dropbox.com/developers/reference/devguide&lt;/A&gt;&lt;BR /&gt;&lt;A href="https://www.dropbox.com/developers/reference/branding" target="_blank"&gt;https://www.dropbox.com/developers/reference/branding&lt;/A&gt;&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;2) To avoid having the user go through the&amp;nbsp;Dropbox app authorization flow each time, you would need to store the access token in their session/cookies and re-use it when they return.&lt;/P&gt;</description>
      <pubDate>Mon, 16 Oct 2017 16:56:30 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/What-if-I-want-the-User-to-login-each-time/m-p/247235#M14139</guid>
      <dc:creator>Greg-DB</dc:creator>
      <dc:date>2017-10-16T16:56:30Z</dc:date>
    </item>
    <item>
      <title>Re: What if I want the User to login each time</title>
      <link>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/What-if-I-want-the-User-to-login-each-time/m-p/247354#M14155</link>
      <description>&lt;P&gt;&lt;SPAN&gt;&amp;gt;&amp;gt;To avoid having the user go through the&amp;nbsp;Dropbox app authorization flow each time, you would need to store the access token in their session/cookies and re-use it when they return.&amp;lt;&amp;lt;&lt;/SPAN&gt;&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;&lt;SPAN&gt;I have no problem in saving the access token in the DB against the Email. But next time when the user comes to use the App, I want Dropbox to authenticate the user, just for Login, before I use the saved access token. In other words, the user should then login to Dropbox but should not be presented with Allow dialog and should not generate another access token. Is that possible? I want to use the saved access token for a user next time only if he is authenticated by Dropbox.&lt;/SPAN&gt;&lt;/P&gt;
&lt;P&gt;&lt;SPAN&gt;&amp;nbsp;&lt;/SPAN&gt;&lt;/P&gt;
&lt;P&gt;&lt;SPAN&gt;Thanks,&lt;/SPAN&gt;&lt;/P&gt;
&lt;P&gt;&lt;SPAN&gt;Sanjay&lt;/SPAN&gt;&lt;/P&gt;</description>
      <pubDate>Tue, 17 Oct 2017 11:11:09 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/What-if-I-want-the-User-to-login-each-time/m-p/247354#M14155</guid>
      <dc:creator>sanjayssk</dc:creator>
      <dc:date>2017-10-17T11:11:09Z</dc:date>
    </item>
    <item>
      <title>Re: What if I want the User to login each time</title>
      <link>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/What-if-I-want-the-User-to-login-each-time/m-p/247355#M14156</link>
      <description>Apparently, many may want this feature. For example, here is a thread on SO that has exactly a similar question with no solution so far.&lt;BR /&gt;&lt;A href="https://stackoverflow.com/questions/12275100/is-there-a-way-to-use-dropbox-for-authentication-without-re-authorization" target="_blank"&gt;https://stackoverflow.com/questions/12275100/is-there-a-way-to-use-dropbox-for-authentication-without-re-authorization&lt;/A&gt;</description>
      <pubDate>Tue, 17 Oct 2017 11:16:28 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/What-if-I-want-the-User-to-login-each-time/m-p/247355#M14156</guid>
      <dc:creator>sanjayssk</dc:creator>
      <dc:date>2017-10-17T11:16:28Z</dc:date>
    </item>
    <item>
      <title>Re: What if I want the User to login each time</title>
      <link>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/What-if-I-want-the-User-to-login-each-time/m-p/247407#M14162</link>
      <description>&lt;P&gt;This is sort of already possible. If you send the user through the app authorization flow again, they may (e.g., as long as your app's redirect URI uses https://) be automatically redirected, without having to click "Allow", if they've already authorized the app. You can find a note about this under "force_reapprove" in the documentation:&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;&lt;A href="https://www.dropbox.com/developers/documentation/http/documentation#oauth2-authorize" target="_blank"&gt;https://www.dropbox.com/developers/documentation/http/documentation#oauth2-authorize&lt;/A&gt;&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;Note that this still will return a new access token to your app though.&lt;/P&gt;</description>
      <pubDate>Tue, 17 Oct 2017 13:56:14 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/What-if-I-want-the-User-to-login-each-time/m-p/247407#M14162</guid>
      <dc:creator>Greg-DB</dc:creator>
      <dc:date>2017-10-17T13:56:14Z</dc:date>
    </item>
    <item>
      <title>Re: What if I want the User to login each time</title>
      <link>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/What-if-I-want-the-User-to-login-each-time/m-p/247440#M14167</link>
      <description>&lt;P&gt;That's exactly what I want. That means, I can just save a flag in the cookie that says it was approved once. And use it to switch on that option. Switch it off only if the user wants to switch the dropbox accounts by some other action.&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;&lt;SPAN&gt;&amp;gt;&amp;gt;Note that this still will return a new access token to your app though.&lt;/SPAN&gt;&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;That's OK. Will it create a problem for Dropbox system itself to have too many access tokens generated? Or does it automatically recycle by invalidating the old one?&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;Thanks,&lt;/P&gt;
&lt;P&gt;Sanjay&lt;/P&gt;</description>
      <pubDate>Tue, 17 Oct 2017 15:44:46 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/What-if-I-want-the-User-to-login-each-time/m-p/247440#M14167</guid>
      <dc:creator>sanjayssk</dc:creator>
      <dc:date>2017-10-17T15:44:46Z</dc:date>
    </item>
    <item>
      <title>Re: What if I want the User to login each time</title>
      <link>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/What-if-I-want-the-User-to-login-each-time/m-p/247441#M14168</link>
      <description>There isn't a limit to the number of access tokens that can be created for an app-user pair, and I'm not aware of any issues arising from creating many. Dropbox won't automatically recycle/invalidate them.</description>
      <pubDate>Tue, 17 Oct 2017 15:47:30 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/What-if-I-want-the-User-to-login-each-time/m-p/247441#M14168</guid>
      <dc:creator>Greg-DB</dc:creator>
      <dc:date>2017-10-17T15:47:30Z</dc:date>
    </item>
    <item>
      <title>Re: What if I want the User to login each time</title>
      <link>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/What-if-I-want-the-User-to-login-each-time/m-p/247588#M14183</link>
      <description>&lt;P&gt;Finally, I was able to test it with https and it works perfectly. In fact, if I follow this approach, it works automatically, asking for login only once and then navigating automatically. This is great.&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;Thanks,&lt;/P&gt;
&lt;P&gt;Sanjay&lt;/P&gt;</description>
      <pubDate>Wed, 18 Oct 2017 02:22:39 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/What-if-I-want-the-User-to-login-each-time/m-p/247588#M14183</guid>
      <dc:creator>sanjayssk</dc:creator>
      <dc:date>2017-10-18T02:22:39Z</dc:date>
    </item>
  </channel>
</rss>

