cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Community
English
Announcements
Want to learn some quick and useful tips to make your day easier? Check out how Calvin uses Replay to get feedback from other teams at Dropbox here.

Dropbox API Support & Feedback

Find help with the Dropbox API from other developers.

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

API v2 access token validity and authorization redirect URL response

Labels:

API v2 access token validity and authorization redirect URL response

jenseno
Explorer | Level 4
‎04-15-2017 01:58 AM
Go to solution

Is it correctly understood that the token I get from a user after the authorization flow, is valid until the user revokes it?  Meaning I can just store it securely in the app and use it each time it's needed?

 

Second question. If I can not close the browser that presented the dropbox authentication dialog (on calling redirect_uri, is there anything I can return that will says success or possible close the browser window?

 

Thanks in advance

 

Odin

 

Labels:
  • 0 Likes
  • 3 Replies
  • 2,306 Views
0 Likes
2 Accepted Solutions

Accepted Solutions

Greg-DB
Dropbox Staff
‎04-17-2017 10:46 AM
Go to solution
That's correct, a Dropbox API access token doesn't expire by itself, but it can be revoked at any time, by either the user or app. That being the case, your app should store and re-use the access token for a user.

What you can do with the final state of the browser in the app authorization flow depends on exactly how you have it implemented. Can you elaborate on how your setup currently works? Specifically, are you using an embedded browser or the external system browser, which OAuth 2 flow are you using, and what, if any, redirect URI are you using?

View solution in original post

0 Likes

Greg-DB
Dropbox Staff
‎04-17-2017 10:54 AM
Go to solution
Thanks for following up. In that case, returning an HTML success page like that is the best solution.

Note that we don't recommend using an embedded web view, as the Google Sign In flow won't work with that in the future:

https://developers.googleblog.com/2016/08/modernizing-oauth-interactions-in-native-apps.html

View solution in original post

0 Likes
3 Replies 3

Greg-DB
Dropbox Staff
‎04-17-2017 10:46 AM
Go to solution
That's correct, a Dropbox API access token doesn't expire by itself, but it can be revoked at any time, by either the user or app. That being the case, your app should store and re-use the access token for a user.

What you can do with the final state of the browser in the app authorization flow depends on exactly how you have it implemented. Can you elaborate on how your setup currently works? Specifically, are you using an embedded browser or the external system browser, which OAuth 2 flow are you using, and what, if any, redirect URI are you using?
0 Likes

jenseno
Explorer | Level 4
‎04-17-2017 10:53 AM
Go to solution

Hi. Thank for you answer. I use the system browser and redirect back to localhost inside my app.

Now I just return a HTML page with a message saying the user was authorized and they can return to the app.

Plus a link to close the browser window.

 

Later i'll probably switch to an embedded browser and the webpage will close itself 😉

Actually everything is working just fine, but I get a 400 error when trying to get a token from the code I get from the auth flow so I'm kinda stuck there.

0 Likes

Greg-DB
Dropbox Staff
‎04-17-2017 10:54 AM
Go to solution
Thanks for following up. In that case, returning an HTML success page like that is the best solution.

Note that we don't recommend using an embedded web view, as the Google Sign In flow won't work with that in the future:

https://developers.googleblog.com/2016/08/modernizing-oauth-interactions-in-native-apps.html
0 Likes
Need more support?
Who's talking

Top contributors to this post

  • User avatar
    Greg-DB Dropbox Staff
  • User avatar
    jenseno Explorer | Level 4
What do Dropbox user levels mean?