To build our own app we are creating a dropbox account we are calling to a dropbox api in that i didnt get the complete details for creating the developer account here is the syntax of the dropbox api : "https://www.dropbox.com/1/oauth2/authorize?client_id="+<app key>&response_type=code&redirect_uri=<redirect URI>&state=<CSRF token> .
I didnt get about the state parameter like state=<CSRF token> how to get that csrf token and how to authentcate and get the access token and refresh token.
"Up to 500 bytes of arbitrary data that will be passed back to your redirect URI. This parameter should be used to protect against cross-site request forgery (CSRF). See Sections 126.96.36.199 and 188.8.131.52 of the OAuth 2.0 threat model spec."
To protext against CSRF attacks, the value should be unguessable, random, arbitrary data that your app generates. Please refer to the above links for more information. You can additionally use it to store any application state you need to pass through the app authorization flow.