<?xml version="1.0" encoding="UTF-8"?>
<rss xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:taxo="http://purl.org/rss/1.0/modules/taxonomy/" version="2.0">
  <channel>
    <title>topic Re: What's the correct way to handle expired access token in Dropbox API Support &amp; Feedback</title>
    <link>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/What-s-the-correct-way-to-handle-expired-access-token/m-p/718107#M31807</link>
    <description>&lt;P&gt;Remove duplicated post&lt;/P&gt;</description>
    <pubDate>Tue, 03 Oct 2023 03:52:21 GMT</pubDate>
    <dc:creator>cjacky475</dc:creator>
    <dc:date>2023-10-03T03:52:21Z</dc:date>
    <item>
      <title>What's the correct way to handle expired access token</title>
      <link>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/What-s-the-correct-way-to-handle-expired-access-token/m-p/718045#M31795</link>
      <description>&lt;P&gt;Hello, after user authenticates via OAuth2 I request refresh token, which I store on user's mobile device. Now to perform various actions (upload/download) from the user's Dropbox storage, I build:&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;LI-CODE lang="java"&gt;DbxClientV2(config, credentials)&lt;/LI-CODE&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;As I was reading this post&amp;nbsp;&lt;A href="https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/Is-it-possible-to-get-a-permanent-token-for-uploading-files-to/td-p/712091" target="_self"&gt;https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/Is-it-possible-to-get-a-permanent-token-for-uploading-files-to/td-p/712091&lt;/A&gt;&amp;nbsp;it was mentioned that "&lt;STRONG&gt;T&lt;/STRONG&gt;&lt;SPAN&gt;&lt;STRONG&gt;he SDK will automatically catch expired access token errors and call the API to get a new short-lived access token when needed.&lt;/STRONG&gt;" What's the correct way for me to catch whether API was called to receive new access token or what would be the best practice to get the new access token and store it for further calls until it expires? Or do I need to do this manually in &lt;STRONG&gt;try { } catch { } &lt;/STRONG&gt;or by checking the expiration date of the access token and then call:&amp;nbsp;&lt;/SPAN&gt;&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;LI-CODE lang="java"&gt;client.refreshAccessToken()&lt;/LI-CODE&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;Thanks.&lt;/P&gt;</description>
      <pubDate>Mon, 02 Oct 2023 12:14:08 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/What-s-the-correct-way-to-handle-expired-access-token/m-p/718045#M31795</guid>
      <dc:creator>cjacky475</dc:creator>
      <dc:date>2023-10-02T12:14:08Z</dc:date>
    </item>
    <item>
      <title>Re: What's the correct way to handle expired access token</title>
      <link>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/What-s-the-correct-way-to-handle-expired-access-token/m-p/718063#M31797</link>
      <description>&lt;BLOCKQUOTE&gt;&lt;HR /&gt;&lt;a href="https://www.dropboxforum.com/t5/user/viewprofilepage/user-id/1751073"&gt;@cjacky475&lt;/a&gt;&amp;nbsp;wrote:&lt;BR /&gt;&lt;P&gt;... "&lt;STRONG&gt;T&lt;/STRONG&gt;&lt;SPAN&gt;&lt;STRONG&gt;he SDK will automatically catch expired access token errors and call the API to get a new short-lived access token when needed.&lt;/STRONG&gt;" ... Or do I need to do this manually in &lt;STRONG&gt;try { } catch { } &lt;/STRONG&gt;or by checking the expiration date of the access token and then ...&lt;/SPAN&gt;&lt;/P&gt;&lt;HR /&gt;&lt;/BLOCKQUOTE&gt;&lt;P&gt;Hi &lt;a href="https://www.dropboxforum.com/t5/user/viewprofilepage/user-id/1751073"&gt;@cjacky475&lt;/a&gt;,&lt;/P&gt;&lt;P&gt;&lt;img class="lia-deferred-image lia-image-emoji" src="https://www.dropboxforum.com/html/@D88F213CAFB196B6AB70612B08AD9D31/emoticons/1f601.png" alt=":beaming_face_with_smiling_eyes:" title=":beaming_face_with_smiling_eyes:" /&gt;You give correct answer to you own question actually. You don't need to handle anything to refresh access token, since SDKs do it internally. Even more: there's nothing to catch! So using try-catch is not applicable. All SDKs check expiration status and do refresh without need error to happen, so in any try-catch you gonna catch nothing such. &lt;img class="lia-deferred-image lia-image-emoji" src="https://www.dropboxforum.com/html/@41457EF40051AFF130FDBFE21B496926/emoticons/1f609.png" alt=":winking_face:" title=":winking_face:" /&gt; While particular client object has been initialized correctly and works, you don't need to care about refreshing in any way.&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;BLOCKQUOTE&gt;&lt;HR /&gt;&lt;a href="https://www.dropboxforum.com/t5/user/viewprofilepage/user-id/1751073"&gt;@cjacky475&lt;/a&gt;&amp;nbsp;wrote:&lt;BR /&gt;&lt;P&gt;&lt;SPAN&gt;... or what would be the best practice to get the new access token and store it for further calls until it expires? &lt;/SPAN&gt;...&lt;/P&gt;&lt;HR /&gt;&lt;/BLOCKQUOTE&gt;&lt;P&gt;As mentioned already, the simplest way is to do nothing (including once initially store your credentials don't change them). This is a good way to handle long running client object. If you construct client object for few operations in relatively short time, some optimizations may be done. To avoid refreshing the same access token meaningless, you may update stored access token (or credentials at all) at current object end of use. So on next client object' construction will not need refreshing all the time (or not mandatory, at least, but only when absolutely needed - again, handled internally). This is a good optimization step that usually don't need much more than a single line of code.&lt;/P&gt;&lt;P&gt;Hope this helps.&lt;/P&gt;</description>
      <pubDate>Mon, 02 Oct 2023 13:22:32 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/What-s-the-correct-way-to-handle-expired-access-token/m-p/718063#M31797</guid>
      <dc:creator>Здравко</dc:creator>
      <dc:date>2023-10-02T13:22:32Z</dc:date>
    </item>
    <item>
      <title>Re: What's the correct way to handle expired access token</title>
      <link>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/What-s-the-correct-way-to-handle-expired-access-token/m-p/718078#M31798</link>
      <description>&lt;BLOCKQUOTE&gt;To avoid refreshing the same access token meaningless, you may update stored access token (or credentials at all) at current object end of use.&lt;HR /&gt;&lt;/BLOCKQUOTE&gt;&lt;P&gt;Hi, &lt;A href="https://www.dropboxforum.com/t5/user/viewprofilepage/user-id/422790" target="_self"&gt;&lt;SPAN class=""&gt;Здравко&lt;/SPAN&gt;&lt;/A&gt;, thanks for the answer. That's exactly what I would need to do. Could you please elabore more on &lt;STRONG&gt;when&lt;/STRONG&gt;&amp;nbsp;and &lt;STRONG&gt;how&amp;nbsp;&lt;/STRONG&gt;exactly I would need to do that for the best practice? Let's say I perform:&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;LI-CODE lang="java"&gt;client.files().download("/database.sql").download(outputStream)&lt;/LI-CODE&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;Now if the&amp;nbsp;&lt;STRONG&gt;access token&amp;nbsp;&lt;/STRONG&gt;was expired, the SDK would automatically update the access token, right? &lt;STRONG&gt;How to get it&lt;/STRONG&gt; to store for further client object creations?&lt;/P&gt;&lt;P&gt;Thanks.&lt;/P&gt;</description>
      <pubDate>Mon, 02 Oct 2023 14:43:35 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/What-s-the-correct-way-to-handle-expired-access-token/m-p/718078#M31798</guid>
      <dc:creator>cjacky475</dc:creator>
      <dc:date>2023-10-02T14:43:35Z</dc:date>
    </item>
    <item>
      <title>Re: What's the correct way to handle expired access token</title>
      <link>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/What-s-the-correct-way-to-handle-expired-access-token/m-p/718087#M31801</link>
      <description>&lt;P&gt;&lt;a href="https://www.dropboxforum.com/t5/user/viewprofilepage/user-id/1751073"&gt;@cjacky475&lt;/a&gt;&amp;nbsp;Здравко is correct; when using an official Dropbox SDK and supplying a refresh token, you do not need to catch this in your own code. &lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;It looks like you're using the Dropbox Java SDK, so if you're interested, you can see &lt;A href="https://github.com/dropbox/dropbox-sdk-java/blob/d96bbd5c28b1d2398957931e0ca1e3568b2df41d/core/src/main/java/com/dropbox/core/v2/DbxRawClientV2.java#L361" target="_blank"&gt;where the Java SDK handles this error internally for you here&lt;/A&gt;.&lt;/P&gt;</description>
      <pubDate>Mon, 02 Oct 2023 15:17:15 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/What-s-the-correct-way-to-handle-expired-access-token/m-p/718087#M31801</guid>
      <dc:creator>Greg-DB</dc:creator>
      <dc:date>2023-10-02T15:17:15Z</dc:date>
    </item>
    <item>
      <title>Re: What's the correct way to handle expired access token</title>
      <link>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/What-s-the-correct-way-to-handle-expired-access-token/m-p/718092#M31802</link>
      <description>&lt;P&gt;Hi, &lt;A href="https://www.dropboxforum.com/t5/user/viewprofilepage/user-id/10" target="_self"&gt;&lt;SPAN class=""&gt;Greg-DB&lt;/SPAN&gt;&lt;/A&gt;, thanks for the answer. What if I perform a lot of operations, how is this secure to constantly use refresh token to get the access token? Is there no way to get the access token after it was refreshed internally in the SDK? This way I could store the access token and next time use it to instantiate the client object. Thanks.&lt;/P&gt;</description>
      <pubDate>Mon, 02 Oct 2023 15:38:04 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/What-s-the-correct-way-to-handle-expired-access-token/m-p/718092#M31802</guid>
      <dc:creator>cjacky475</dc:creator>
      <dc:date>2023-10-02T15:38:04Z</dc:date>
    </item>
    <item>
      <title>Re: What's the correct way to handle expired access token</title>
      <link>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/What-s-the-correct-way-to-handle-expired-access-token/m-p/718098#M31804</link>
      <description>&lt;P&gt;&lt;a href="https://www.dropboxforum.com/t5/user/viewprofilepage/user-id/1751073"&gt;@cjacky475&lt;/a&gt; The use of a refresh token works the same way whether you make a small or large number of calls. The SDK doesn't perform a refresh on every single call; it only performs the refresh when it needs to.&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;And as Здравко said, it is not required, but you can retrieve the current access token using &lt;A href="https://dropbox.github.io/dropbox-sdk-java/api-docs/v5.4.3/com/dropbox/core/oauth/DbxCredential.html#getAccessToken()" target="_self"&gt;DbxCredential.getAccessToken&lt;/A&gt; if you want.&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;</description>
      <pubDate>Mon, 02 Oct 2023 15:54:42 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/What-s-the-correct-way-to-handle-expired-access-token/m-p/718098#M31804</guid>
      <dc:creator>Greg-DB</dc:creator>
      <dc:date>2023-10-02T15:54:42Z</dc:date>
    </item>
    <item>
      <title>Re: What's the correct way to handle expired access token</title>
      <link>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/What-s-the-correct-way-to-handle-expired-access-token/m-p/718102#M31805</link>
      <description>&lt;BLOCKQUOTE&gt;&lt;HR /&gt;&lt;a href="https://www.dropboxforum.com/t5/user/viewprofilepage/user-id/10"&gt;@Greg-DB&lt;/a&gt;&amp;nbsp;wrote:&lt;BR /&gt;&lt;P&gt;...&lt;/P&gt;&lt;P&gt;It looks like you're using the Dropbox Java SDK, so if you're interested, you can see &lt;A href="https://github.com/dropbox/dropbox-sdk-java/blob/d96bbd5c28b1d2398957931e0ca1e3568b2df41d/core/src/main/java/com/dropbox/core/v2/DbxRawClientV2.java#L361" target="_blank" rel="noopener"&gt;where the Java SDK handles this error internally for you here&lt;/A&gt;.&lt;/P&gt;&lt;HR /&gt;&lt;/BLOCKQUOTE&gt;&lt;P&gt;Greg, it's almost impossible code flow to reach to there (or should be, at least). It's something like emergency way, used by exception if something in regular flow fails. Regular refresh happens &lt;A href="https://github.com/dropbox/dropbox-sdk-java/blob/d96bbd5c28b1d2398957931e0ca1e3568b2df41d/core/src/main/java/com/dropbox/core/v2/DbxRawClientV2.java#L97" target="_blank" rel="noopener"&gt;here&lt;/A&gt;. &lt;img class="lia-deferred-image lia-image-emoji" src="https://www.dropboxforum.com/html/@FBF7D2AB59A0D6E861EBF6A36F93B7E2/emoticons/1f642.png" alt=":slightly_smiling_face:" title=":slightly_smiling_face:" /&gt;&lt;/P&gt;&lt;P&gt;It's better serialization to be performed using the appropriate writer, part of the credential object, not fetching the fields one by one. &lt;img class="lia-deferred-image lia-image-emoji" src="https://www.dropboxforum.com/html/@41457EF40051AFF130FDBFE21B496926/emoticons/1f609.png" alt=":winking_face:" title=":winking_face:" /&gt; Updating access token without moment of expiration is meaningless.&lt;/P&gt;</description>
      <pubDate>Mon, 02 Oct 2023 16:06:12 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/What-s-the-correct-way-to-handle-expired-access-token/m-p/718102#M31805</guid>
      <dc:creator>Здравко</dc:creator>
      <dc:date>2023-10-02T16:06:12Z</dc:date>
    </item>
    <item>
      <title>Re: What's the correct way to handle expired access token</title>
      <link>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/What-s-the-correct-way-to-handle-expired-access-token/m-p/718106#M31806</link>
      <description>&lt;P&gt;Remove duplicated post&lt;/P&gt;</description>
      <pubDate>Tue, 03 Oct 2023 03:52:13 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/What-s-the-correct-way-to-handle-expired-access-token/m-p/718106#M31806</guid>
      <dc:creator>cjacky475</dc:creator>
      <dc:date>2023-10-03T03:52:13Z</dc:date>
    </item>
    <item>
      <title>Re: What's the correct way to handle expired access token</title>
      <link>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/What-s-the-correct-way-to-handle-expired-access-token/m-p/718107#M31807</link>
      <description>&lt;P&gt;Remove duplicated post&lt;/P&gt;</description>
      <pubDate>Tue, 03 Oct 2023 03:52:21 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/What-s-the-correct-way-to-handle-expired-access-token/m-p/718107#M31807</guid>
      <dc:creator>cjacky475</dc:creator>
      <dc:date>2023-10-03T03:52:21Z</dc:date>
    </item>
    <item>
      <title>Re: What's the correct way to handle expired access token</title>
      <link>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/What-s-the-correct-way-to-handle-expired-access-token/m-p/718109#M31808</link>
      <description>&lt;P&gt;Remove duplicated post&lt;/P&gt;</description>
      <pubDate>Tue, 03 Oct 2023 03:52:29 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/What-s-the-correct-way-to-handle-expired-access-token/m-p/718109#M31808</guid>
      <dc:creator>cjacky475</dc:creator>
      <dc:date>2023-10-03T03:52:29Z</dc:date>
    </item>
    <item>
      <title>Re: What's the correct way to handle expired access token</title>
      <link>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/What-s-the-correct-way-to-handle-expired-access-token/m-p/718113#M31809</link>
      <description>&lt;P&gt;Not sure what's happening, my replies keeps dissapearing or I cannot see them.&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;BLOCKQUOTE&gt;&lt;HR /&gt;&lt;a href="https://www.dropboxforum.com/t5/user/viewprofilepage/user-id/10"&gt;@Greg-DB&lt;/a&gt;&amp;nbsp;wrote:&lt;BR /&gt;&lt;P&gt;The SDK doesn't perform a refresh on every single call; it only performs the refresh when it needs to.&lt;/P&gt;&lt;HR /&gt;&lt;/BLOCKQUOTE&gt;&lt;P&gt;Each time user's local data changes I push them to the Dropbox. Each time I create&lt;/P&gt;&lt;LI-CODE lang="java"&gt;DbxClientV2(config, credentials)&lt;/LI-CODE&gt;&lt;P&gt;&lt;BR /&gt;This way SDK will be refreshing the access token, since I always provide the old one.&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;BLOCKQUOTE&gt;&lt;HR /&gt;&lt;a href="https://www.dropboxforum.com/t5/user/viewprofilepage/user-id/10"&gt;@Greg-DB&lt;/a&gt;&amp;nbsp;wrote:&lt;P&gt;And as Здравко said, it is not required, but you can retrieve the current access token using &lt;A href="https://dropbox.github.io/dropbox-sdk-java/api-docs/v5.4.3/com/dropbox/core/oauth/DbxCredential.html#getAccessToken()" target="_self"&gt;DbxCredential.getAccessToken&lt;/A&gt; if you want.&lt;/P&gt;&lt;HR /&gt;&lt;/BLOCKQUOTE&gt;&lt;P&gt;The access token stored in the &lt;STRONG&gt;DbxCredential&lt;/STRONG&gt; object that I used to create the &lt;STRONG&gt;DbxClientV2&lt;/STRONG&gt; stores the old access token.&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;&lt;STRONG&gt;My question again:&lt;/STRONG&gt; after I instantiate user, perform some operations, how to get the updated access token? Can I get it from the client object? The SDK automatically refreshes the access token and where does it store it for me to access it? Thanks.&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;As from my current understanding, SDK updates the token internally for the current client. After I create client again, I provide the old access token and the refresh process starts again. Each time I instantiate the client, refresh will happen, until I manually call the refresh token method, get the access token, and save it, right?&lt;/P&gt;</description>
      <pubDate>Mon, 02 Oct 2023 16:57:04 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/What-s-the-correct-way-to-handle-expired-access-token/m-p/718113#M31809</guid>
      <dc:creator>cjacky475</dc:creator>
      <dc:date>2023-10-02T16:57:04Z</dc:date>
    </item>
    <item>
      <title>Re: What's the correct way to handle expired access token</title>
      <link>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/What-s-the-correct-way-to-handle-expired-access-token/m-p/718114#M31810</link>
      <description>&lt;BLOCKQUOTE&gt;&lt;HR /&gt;&lt;a href="https://www.dropboxforum.com/t5/user/viewprofilepage/user-id/10"&gt;@Greg-DB&lt;/a&gt;&amp;nbsp;wrote:&lt;BR /&gt;&lt;P&gt;The SDK doesn't perform a refresh on every single call; it only performs the refresh when it needs to.&lt;/P&gt;&lt;HR /&gt;&lt;/BLOCKQUOTE&gt;&lt;P&gt;Each time user's local data changes I push them to the Dropbox. Each time I create&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;LI-CODE lang="java"&gt;DbxClientV2(config, credentials)&lt;/LI-CODE&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;&lt;BR /&gt;This way SDK will be refreshing the access token, since I always provide the old access token.&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;BLOCKQUOTE&gt;&lt;HR /&gt;&lt;a href="https://www.dropboxforum.com/t5/user/viewprofilepage/user-id/10"&gt;@Greg-DB&lt;/a&gt;&amp;nbsp;wrote:&lt;P&gt;And as Здравко said, it is not required, but you can retrieve the current access token using &lt;A href="https://dropbox.github.io/dropbox-sdk-java/api-docs/v5.4.3/com/dropbox/core/oauth/DbxCredential.html#getAccessToken()" target="_self"&gt;DbxCredential.getAccessToken&lt;/A&gt; if you want.&lt;/P&gt;&lt;HR /&gt;&lt;/BLOCKQUOTE&gt;&lt;P&gt;The access token stored in the &lt;STRONG&gt;DbxCredential&lt;/STRONG&gt; object that I used to create the &lt;STRONG&gt;DbxClientV2&lt;/STRONG&gt; stores the old access token.&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;&lt;STRONG&gt;My question again:&lt;/STRONG&gt; after I instantiate user, perform some operations, how to get the updated access token? Can I get it from the client object? The SDK automatically refreshes the access token and where does it store it for me to access it? Thanks.&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;As from my current understanding, SDK updates the token internally for the current client. After I create client again, I provide the old access token and the refresh process starts again. Each time I instantiate the client, refresh will happen, until I manually call the refresh token method, get the access token, and save it, right?&lt;/P&gt;</description>
      <pubDate>Mon, 02 Oct 2023 16:59:25 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/What-s-the-correct-way-to-handle-expired-access-token/m-p/718114#M31810</guid>
      <dc:creator>cjacky475</dc:creator>
      <dc:date>2023-10-02T16:59:25Z</dc:date>
    </item>
    <item>
      <title>Re: What's the correct way to handle expired access token</title>
      <link>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/What-s-the-correct-way-to-handle-expired-access-token/m-p/718248#M31815</link>
      <description>&lt;P&gt;Hi again &lt;a href="https://www.dropboxforum.com/t5/user/viewprofilepage/user-id/1751073"&gt;@cjacky475&lt;/a&gt;,&lt;/P&gt;&lt;P&gt;As seems the spam filter has caught your post 🤷 It happens from time to time - fake positive detection.&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;BLOCKQUOTE&gt;&lt;HR /&gt;&lt;a href="https://www.dropboxforum.com/t5/user/viewprofilepage/user-id/1751073"&gt;@cjacky475&lt;/a&gt;&amp;nbsp;wrote:&lt;P&gt;...&lt;/P&gt;&lt;P&gt;As from my current understanding, SDK updates the token internally for the current client. After I create client again, I provide the old access token and the refresh process starts again. Each time I instantiate the client, refresh will happen, until I manually call the refresh token method, get the access token, and save it, right?&lt;/P&gt;&lt;HR /&gt;&lt;/BLOCKQUOTE&gt;&lt;P&gt;In general Yes, but not need to perform it manually. Something more: DbxCredential class with nested classes and static objects ('&lt;A href="https://github.com/dropbox/dropbox-sdk-java/blob/main/core/src/main/java/com/dropbox/core/oauth/DbxCredential.java#L317" target="_blank" rel="noopener"&gt;JsonWriter&amp;lt;DbxCredential&amp;gt; Writer&lt;/A&gt;' and '&lt;A href="https://github.com/dropbox/dropbox-sdk-java/blob/main/core/src/main/java/com/dropbox/core/oauth/DbxCredential.java#L265" target="_blank" rel="noopener"&gt;JsonReader&amp;lt;DbxCredential&amp;gt; Reader&lt;/A&gt;') make store and read entire credentials information much more easy and less error prone. Updating the access token only is insecure. The client updates everything needed within DbxCredetial object.&amp;nbsp;&lt;img class="lia-deferred-image lia-image-emoji" src="https://www.dropboxforum.com/html/@41457EF40051AFF130FDBFE21B496926/emoticons/1f609.png" alt=":winking_face:" title=":winking_face:" /&gt; Saving entire content and read back whenever needed (on next client object construction) is the best practice (in spite not something mandatory).&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;BLOCKQUOTE&gt;&lt;HR /&gt;&lt;a href="https://www.dropboxforum.com/t5/user/viewprofilepage/user-id/1751073"&gt;@cjacky475&lt;/a&gt;&amp;nbsp;wrote:&lt;P&gt;...&lt;BR /&gt;This way SDK will be refreshing the access token, since I always provide the old access token.&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;BLOCKQUOTE&gt;&lt;HR /&gt;&lt;a href="https://www.dropboxforum.com/t5/user/viewprofilepage/user-id/10"&gt;@Greg-DB&lt;/a&gt;&amp;nbsp;wrote:&lt;P&gt;And as Здравко said, it is not required, but you can retrieve the current access token using &lt;A href="https://dropbox.github.io/dropbox-sdk-java/api-docs/v5.4.3/com/dropbox/core/oauth/DbxCredential.html#getAccessToken()" target="_self"&gt;DbxCredential.getAccessToken&lt;/A&gt; if you want.&lt;/P&gt;&lt;HR /&gt;&lt;/BLOCKQUOTE&gt;&lt;P&gt;The access token stored in the &lt;STRONG&gt;DbxCredential&lt;/STRONG&gt; object that I used to create the &lt;STRONG&gt;DbxClientV2&lt;/STRONG&gt; stores the old access token.&lt;/P&gt;&lt;P&gt;...&lt;/P&gt;&lt;HR /&gt;&lt;/BLOCKQUOTE&gt;&lt;P&gt;Whenever needed (i.e. when valid access token is needed, but the previous one is expired already) the client will update all needed in the passed DbxCredential object. Yes, if the passed object contains only outdated data (including access token), refresh will be forced on every first operation. Something no best when client objects are going to construct relatively often - it's unlikely refresh to be mandatory/needed every single time. That's why the information in credential object is good to be stored at the object work finish (not only the access token). So when read the next time, the information will be actual.&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;BLOCKQUOTE&gt;&lt;HR /&gt;&lt;a href="https://www.dropboxforum.com/t5/user/viewprofilepage/user-id/1751073"&gt;@cjacky475&lt;/a&gt;&amp;nbsp;wrote:&lt;P&gt;...&lt;/P&gt;&lt;P&gt;&lt;STRONG&gt;My question again:&lt;/STRONG&gt; after I instantiate user, perform some operations, how to get the updated access token? Can I get it from the client object? The SDK automatically refreshes the access token and where does it store it for me to access it? Thanks.&lt;/P&gt;&lt;P&gt;...&lt;/P&gt;&lt;HR /&gt;&lt;/BLOCKQUOTE&gt;&lt;P&gt;Let's think a bit...&lt;img class="lia-deferred-image lia-image-emoji" src="https://www.dropboxforum.com/html/@9AD39CA637682E9616FBE31CDAF1B6C4/emoticons/1f914.png" alt=":thinking_face:" title=":thinking_face:" /&gt; There are different ways an argument to be passed to a method/constructor. They commonly are divided to passed by value and passed by reference. Do you know how are they distinct? 🧐 ... and what are you using actually in your code? &lt;img class="lia-deferred-image lia-image-emoji" src="https://www.dropboxforum.com/html/@EA4D5AD6084EAC95CB4E739348E74CC6/emoticons/1f615.png" alt=":confused_face:" title=":confused_face:" /&gt;... &lt;img class="lia-deferred-image lia-image-emoji" src="https://www.dropboxforum.com/html/@D6F1E7339C4A1D356873D19B1E420FB0/emoticons/1f62f.png" alt=":hushed_face:" title=":hushed_face:" /&gt;&lt;img class="lia-deferred-image lia-image-emoji" src="https://www.dropboxforum.com/html/@D88F213CAFB196B6AB70612B08AD9D31/emoticons/1f601.png" alt=":beaming_face_with_smiling_eyes:" title=":beaming_face_with_smiling_eyes:" /&gt;&lt;/P&gt;&lt;P&gt;Hope this gives some directions... of thinking. &lt;img class="lia-deferred-image lia-image-emoji" src="https://www.dropboxforum.com/html/@41457EF40051AFF130FDBFE21B496926/emoticons/1f609.png" alt=":winking_face:" title=":winking_face:" /&gt;&lt;/P&gt;</description>
      <pubDate>Tue, 03 Oct 2023 02:30:03 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/What-s-the-correct-way-to-handle-expired-access-token/m-p/718248#M31815</guid>
      <dc:creator>Здравко</dc:creator>
      <dc:date>2023-10-03T02:30:03Z</dc:date>
    </item>
    <item>
      <title>Re: What's the correct way to handle expired access token</title>
      <link>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/What-s-the-correct-way-to-handle-expired-access-token/m-p/718290#M31820</link>
      <description>&lt;P&gt;Hi again&amp;nbsp;&lt;a href="https://www.dropboxforum.com/t5/user/viewprofilepage/user-id/422790"&gt;@Здравко&lt;/a&gt;, thanks for explaining, you see, I do not know exactly how it works under the hood or that Dropbox SDK updates my passed object to the client creation. It really does update the&lt;/P&gt;&lt;DIV&gt;&lt;PRE&gt;DbxCredential&lt;/PRE&gt;&lt;P&gt;object which I have passed to the client object creation. After all operations I will get the access token and store it locally. Next time user gets created, I will pass that access token together with expiration time. Thanks again. I hope what I am doing is for the better performance.&lt;/P&gt;&lt;/DIV&gt;</description>
      <pubDate>Tue, 03 Oct 2023 07:53:48 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/What-s-the-correct-way-to-handle-expired-access-token/m-p/718290#M31820</guid>
      <dc:creator>cjacky475</dc:creator>
      <dc:date>2023-10-03T07:53:48Z</dc:date>
    </item>
    <item>
      <title>Re: What's the correct way to handle expired access token</title>
      <link>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/What-s-the-correct-way-to-handle-expired-access-token/m-p/718325#M31821</link>
      <description>&lt;BLOCKQUOTE&gt;&lt;HR /&gt;&lt;a href="https://www.dropboxforum.com/t5/user/viewprofilepage/user-id/1751073"&gt;@cjacky475&lt;/a&gt;&amp;nbsp;wrote:&lt;BR /&gt;&lt;P&gt;..., you see, I do not know exactly how it works under the hood or that Dropbox SDK updates my passed object to the client creation. It really does update the&lt;/P&gt;&lt;DIV&gt;&lt;PRE&gt;DbxCredential&lt;/PRE&gt;&lt;P&gt;object which I have passed to the client object creation. ...&lt;/P&gt;&lt;/DIV&gt;&lt;HR /&gt;&lt;/BLOCKQUOTE&gt;&lt;P&gt;&lt;a href="https://www.dropboxforum.com/t5/user/viewprofilepage/user-id/1751073"&gt;@cjacky475&lt;/a&gt;, I see that you are not aware of how Java works! 🙋 It's not about how Dropbox SDK works - it's likely the SDK' developers have this done unintentionally. &lt;img class="lia-deferred-image lia-image-emoji" src="https://www.dropboxforum.com/html/@41457EF40051AFF130FDBFE21B496926/emoticons/1f609.png" alt=":winking_face:" title=":winking_face:" /&gt; In Java all object are passed by reference! Only internal values (integers, floats, etc.) if not wrapped, are passed by value. You have to know this. Once knowing all&amp;nbsp;specifics of the programming language, you're using, you can exploit them whenever needed.&lt;/P&gt;&lt;P&gt;Good luck.&lt;/P&gt;</description>
      <pubDate>Tue, 03 Oct 2023 10:49:25 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/What-s-the-correct-way-to-handle-expired-access-token/m-p/718325#M31821</guid>
      <dc:creator>Здравко</dc:creator>
      <dc:date>2023-10-03T10:49:25Z</dc:date>
    </item>
  </channel>
</rss>

