Re: OAuth Updates for an App for just One Single User (Developer is only user) required ?

martinkleinaustria · ‎01-19-2021

I received a mail from Dropbox announcing the Oauth updates by Sept 2021.

I have a very simple Single Page Java Script application - which runs in the browser not in node - and I use the Dropbox-sdk.js.

I am and will be the only user of this application.

It just does a

var dbxt = new Dropbox.Dropbox({ accessToken: "xxxxxxxxxxx" });

Where xxxxxxxxx is the Generated Access-Token from the App Console.

Then I use the returned object for a download

dbxt.filesDownload({
	path: '/BookLibrary.xml'
})

Thats it.

Do I have to change anything by Sept 2021 due to the changes with OAuth ?
If yes - Could you please provide an example for my simple case.
The "download" example that is provided in the Javascript SDK by today still works with a generated access-token so I guess I don't have to change anything.

Many thanks

Martin Klein

Greg-DB · ‎05-11-2021

Short-lived access tokens only last for a few hours, so if you need long-term access, you'd also need to plug in a refresh token. The refresh token can be used to get new short-lived access tokens on demand, without further manual interaction. The App Console doesn't offer the ability to get refresh tokens though, so you'd need to process the OAuth flow (which you can do manually just once if that's all you need) to get the refresh token.

martinkleinaustria · ‎05-13-2021

Ok. Can you please point me to or provide me an example for a MANUAL OAuth flow that would provide me a refresh Token.

Many thanks and kind regards

Martin Klein

Greg-DB · ‎05-13-2021

You can find examples in the authorization documentation, such as how the authorization URL should be formed for /oauth2/authorize, as well as how calls to /oauth2/token would be made using curl.