Discuss Dropbox Developer & API
As per the dropbox offline flow, I've set up a flow where I've generated a refresh token after the owner of the dropbox (me)
- Generated an access code using this URL
https://www.dropbox.com/oauth2/authorize?client_id<YOUR_APP_KEY>&response_type=code&token_access_type=offline
- Used the access code to generate a token using this request
curl https://api.dropbox.com/oauth2/token -d code=<ACCESS_CODE> -d grant_type=authorization_code -u <APP_KEY>:<APP_SECRET>
I was succesfully generating an access token with the refresh token that I got and my files were being uploaded.
After a month I come back and I get errors that my token no longer has permissions to do so.
This should not be the case since I did not set an expiration date on the refresh token or revoked any permissions.
Because this flow starts with an owner interaction, it cannot be restarted with an app in production as many uploads will be lost.
A new refresh token was generated and it all works now, but again I don't want this to happen in production.
How do I solve the issue?
Could be that during the dev process I accidentally created a refresh token without the app having valid permissions.
Can we keep this discussion alive just in case something pops up again?
I just want confirmation that the refresh token lives forever.
Thanks for your replies, in the end I re-started the whole process
1. Generated an access code
2. Requested a refresh token
3. Used the refresh token to get a new access token on each upload
4. Uploaded files.
Was pretty sure I got the whole flow right from the get go, this surprised me as I did not recall creating an app without permissions, but let's see if the token scope goes missing again.
I've saved all the creds so if anything pops up I'll contact you again.
Thank you for your help.
Dropbox API refresh tokens do not expire automatically, but they can be revoked on demand by the app or user.
And yes, you can reply here again if/when needed.
@andrejpet wrote:Could be that during the dev process I accidentally created a refresh token without the app having valid permissions.
...
If you used that token, for sure.
Hi there!
If you need more help you can view your support options (expected response time for a ticket is 24 hours), or contact us on X or Facebook.
For more info on available support options for your Dropbox plan, see this article.
If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!