cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Share your feedback on the Document Scanning Experience in the Dropbox App right here.

Discuss Dropbox Developer & API

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

BackEnd Process with C#

BackEnd Process with C#

dbapiadmin
Helpful | Level 5
Go to solution

I have a back-end process (without UI) that uses the dropboxteamclient and I have to do a number of reporting, file management in team folders. However, the current API is to use everything with HTTP redirect to get an accesstoken. How do we do this with a back-end process? I'm currently really stuck because I'm getting short lived tokens from the Developer page using "Generate Token". There has to be a better way for backend processes?

 

using (var teamClient = new DropboxTeamClient(token))
{

var memberList = teamClient.Team.MembersListAsync().Result;
foreach (var member in memberList.Members)
{
if(member.Profile.Email == "email@mycomany.com")
{
memId = member.Profile.TeamMemberId;
}
}

var dbx = teamClient.AsMember(memId);
var accountInfo = dbx.Users.GetCurrentAccountAsync();
dbx = dbx.WithPathRoot(new PathRoot.NamespaceId("xxxxxxx")); // To get Folders


}

1 Accepted Solution

Accepted Solutions

dbapiadmin
Helpful | Level 5
Go to solution

It's working I changed the sample code to 

 

var http = new HttpListener();
http.Prefixes.Add("http://*:port/");

 

 

View solution in original post

5 Replies 5

Greg-DB
Dropbox Staff
Go to solution

Dropbox is in the process of switching to only issuing short-lived access tokens (and optional refresh tokens) instead of long-lived access tokens. You can find more information on this migration here.

 

Apps can still get long-term access by requesting "offline" access though, in which case the app receives a "refresh token" that can be used to retrieve new short-lived access tokens as needed, without further manual user intervention. You can find more information in the OAuth Guide and authorization documentation.

 

It is not possible to fully automate the OAuth process where the user chooses to authorize the app and the app then receives the resulting access token and optional refresh token. This needs to be done manually by the user at least once. If your app needs to maintain long-term access without the user manually re-authorizing it repeatedly, the app should request "offline" access so that it gets a refresh token. The refresh token doesn't expire and can be stored and used repeatedly to get new short-lived access tokens whenever needed, without the user manually reauthorizing the app.

 

You can find an example of processing the app authorization flow and getting and using a refresh token in the OauthBasic example (non-PKCE, meant for server-side apps) as well as in the OAuthPKCE example (PKCE, meant for client-side apps). The SDK will handle the refresh process for you automatically as long as you supply the credentials as shown in the examples.

 

For reference, while the creation of new long-lived access tokens is now deprecated, we don't currently have a plan to disable existing long-lived access tokens. (If that changes, we will of course announce that ahead of time.) That being the case, you can continue using existing long-lived access token(s) without interruption, if you have any. Also, note though that after the change you won't be able to create new long-lived access tokens.

 

While the change began on September 30th 2021, we're releasing it gradually, so you may not have seen your app(s) affected until now. Once it applies to your app, it would apply regardless of the "Access token expiration" setting for your app, and that setting may no longer be available for your app.

dbapiadmin
Helpful | Level 5
Go to solution

I have tried the OAuth Basic flow but it seems that opens a local window and we have to authorize again. Is there something we can do so we don't have to open a browser window? This is an unattended server side application.

Greg-DB
Dropbox Staff
Go to solution

You only need to do the authorization flow in the browser once per user. You can then store and re-use the resulting refresh token without further manual action. Refresh tokens can be re-used repeatedly and don't expire automatically.

dbapiadmin
Helpful | Level 5
Go to solution

Thanks, I'm trying the OAuthTest sample project that you guys provide, and it keeps saying that 127.0.0.1 port number is refused and not able to connect. Is there something else I need to do?

dbapiadmin
Helpful | Level 5
Go to solution

It's working I changed the sample code to 

 

var http = new HttpListener();
http.Prefixes.Add("http://*:port/");

 

 

Need more support?
Who's talking

Top contributors to this post

  • User avatar
    dbapiadmin Helpful | Level 5
  • User avatar
    Greg-DB Dropbox Staff
What do Dropbox user levels mean?