cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Community
English
Announcements
Want to learn some quick and useful tips to make your day easier? Check out how Calvin uses Replay to get feedback from other teams at Dropbox here.

Dropbox API Support & Feedback

Find help with the Dropbox API from other developers.

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Re: App signout issue

Labels:

App signout issue

donaldp
Collaborator | Level 9
‎12-26-2019 04:29 AM
Go to solution

Hi,

Having issues with getting signed out in my app, so as to sign-in again with a different user (or simply prevent someone else from having unauthorised access due to still signed in). As far as I can see, you still don't have a signout method yet, and I've tried some of the things I've found suggested here to effectively achieve that, but still not working.

At the moment, to "sign out",  I am doing the following (this is C#/.NET)...

await DxClient.Auth.TokenRevokeAsync();
DxClient.Dispose();
DxClient=null;

...and yet, when I go to sign-in again - i.e. I want to get the sign-in screen and enter an e-mail address and password - the server goes "oh,I see you've already been logged in on this device, here, have another token". What do I need to do to make it stop giving me another token and give me the sign-in screen instead (THEN give me another token when I have signed in again)?

And before you ask, yes, it is a second token, not the same one as the first time - I checked. I'm being given a second token without signing in a second time.

 

thanks,

   Donald.

 

Labels:
  • 0 Likes
  • 2 Replies
  • 1,500 Views
0 Likes
1 Accepted Solution

Accepted Solutions

Greg-DB
Dropbox Staff
‎12-26-2019 10:05 AM
Go to solution

Revoking a particular access token prevents that token from being used, but it doesn't completely unlink an app from the account. (E.g., there may be other access tokens for that app-account pair.)

Also, it doesn't revoke the user's web session in the browser, which is unrelated to access tokens.

The user can always unlink apps from their account from the Connected apps page, or log out of Dropbox via the logout page.

Also, the app itself can optionally use the forceReapprove or forceReauthentication option on DropboxOAuth2Helper.GetAuthorizeUri though to have the user explicitly re-approve the app, or entirely re-authenticate (i.e., log in to the Dropbox web site) again, respectively.

View solution in original post

0 Likes
2 Replies 2

Greg-DB
Dropbox Staff
‎12-26-2019 10:05 AM
Go to solution

Revoking a particular access token prevents that token from being used, but it doesn't completely unlink an app from the account. (E.g., there may be other access tokens for that app-account pair.)

Also, it doesn't revoke the user's web session in the browser, which is unrelated to access tokens.

The user can always unlink apps from their account from the Connected apps page, or log out of Dropbox via the logout page.

Also, the app itself can optionally use the forceReapprove or forceReauthentication option on DropboxOAuth2Helper.GetAuthorizeUri though to have the user explicitly re-approve the app, or entirely re-authenticate (i.e., log in to the Dropbox web site) again, respectively.

0 Likes

donaldp
Collaborator | Level 9
‎12-26-2019 01:41 PM
Go to solution

Aesome! Thanks Greg! Didn't see any reference to that in my search results, but ForceReauthentication does the job. 🙂

0 Likes
Need more support?