cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Share your feedback on the Document Scanning Experience in the Dropbox App right here.

Dropbox API Support & Feedback

Find help with the Dropbox API from other developers.

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

2 console application 1 account -

2 console application 1 account -

Omri1984
Explorer | Level 4
Go to solution

if i have a user the authenticate in one application  get access refresh tokens.

then authenticate in another application is the old token will stop working 

or every authentication can exist no matter what.

 

i am asking this because my company toll doing a migration many for each user ,

if during the migration the user will authenticate again in order to run another migration does the old token will expire and i need to use the new token also for the old migration ?

 

 

is my explanation clear ?

1 Accepted Solution

Accepted Solutions

Greg-DB
Dropbox Staff
Go to solution

Refresh tokens do not expire automatically, but they can be revoked by the app or user on demand. That means by default you do not need to get a new refresh token for an account that is already connected (unless it is explicitly revoked by the app or user).

 

Short-lived access tokens do expire after four hours. A refresh token is used to perform the "refresh", which is a way to get a new short-lived access token. The Dropbox .NET SDK will do that for your automatically so you don't need to implement that yourself.

View solution in original post

10 Replies 10

Greg-DB
Dropbox Staff
Go to solution

Authorizing a new application does not affect existing app authorizations. If you get a refresh token for a particular app on an account, existing refresh tokens for other apps on that same account will not be affected. Accounts can have multiple apps connected at the same time.

Omri1984
Explorer | Level 4
Go to solution

and if it the same app ?

 

Greg-DB
Dropbox Staff
Go to solution

The same applies if it's the same app. A single app-account pair can have multiple different refresh tokens. Creating a new refresh token for an app on an account does not affect existing refresh tokens for that app on that account.

Omri1984
Explorer | Level 4
Go to solution

is there a limit on the an=mount of token pair for user ?

Greg-DB
Dropbox Staff
Go to solution

No, there's no particular limit on that.

Omri1984
Explorer | Level 4
Go to solution

and if i am using the .net SDk do i need to call the refresh token or it's refresh automatically ,

 

if it refresh automatically ?

why do i need the refresh token ?

 

and what will happened to the other pairs?

 

 

Greg-DB
Dropbox Staff
Go to solution

If you use the official Dropbox API v2 .NET SDK in C#, you do not need to perform the refresh yourself. The SDK will perform the refresh automatically for you as long as you supply the credentials (the refresh token, etc.). You can find an example of getting and supplying a refresh token in the OauthBasic example (non-PKCE, meant for server-side apps) as well as in the OAuthPKCE example (PKCE, meant for client-side apps).

 

The refresh token is used to retrieve new short-lived access tokens whenever needed, so that no individual access token is valid for a long period of time, while the app can still maintain long-term access.

 

Using a refresh token to perform the refresh process of getting a new short-lived access token does not affect other existing refresh tokens.

Omri1984
Explorer | Level 4
Go to solution

ok.

so i need to refresh only the access token every 4 hours

 

but not need to get a new refresh token 

 

did i understand correctly?

 

 

very confusing.

you are telling me that i do not need to refresh the token that the .net sdk is doing it for me 

but i do need to refresh the access token 

 

did i understand correctly?

 

 

Greg-DB
Dropbox Staff
Go to solution

Refresh tokens do not expire automatically, but they can be revoked by the app or user on demand. That means by default you do not need to get a new refresh token for an account that is already connected (unless it is explicitly revoked by the app or user).

 

Short-lived access tokens do expire after four hours. A refresh token is used to perform the "refresh", which is a way to get a new short-lived access token. The Dropbox .NET SDK will do that for your automatically so you don't need to implement that yourself.

Need more support?
Who's talking

Top contributors to this post

  • User avatar
    Omri1984 Explorer | Level 4
  • User avatar
    Greg-DB Dropbox Staff
What do Dropbox user levels mean?