cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Update: Find information on Dropbox support during COVID-19 here
Close

Dropbox API Support & Feedback

Find help with the Dropbox API from other developers.

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Highlighted

App signout issue

Collaborator | Level 8

Hi,

Having issues with getting signed out in my app, so as to sign-in again with a different user (or simply prevent someone else from having unauthorised access due to still signed in). As far as I can see, you still don't have a signout method yet, and I've tried some of the things I've found suggested here to effectively achieve that, but still not working.

At the moment, to "sign out",  I am doing the following (this is C#/.NET)...

await DxClient.Auth.TokenRevokeAsync();
DxClient.Dispose();
DxClient=null;

...and yet, when I go to sign-in again - i.e. I want to get the sign-in screen and enter an e-mail address and password - the server goes "oh,I see you've already been logged in on this device, here, have another token". What do I need to do to make it stop giving me another token and give me the sign-in screen instead (THEN give me another token when I have signed in again)?

And before you ask, yes, it is a second token, not the same one as the first time - I checked. I'm being given a second token without signing in a second time.

 

thanks,

   Donald.

 

1 Accepted Solution

Accepted Solutions
Highlighted

Re: App signout issue

Dropboxer
Dropboxer

Revoking a particular access token prevents that token from being used, but it doesn't completely unlink an app from the account. (E.g., there may be other access tokens for that app-account pair.)

Also, it doesn't revoke the user's web session in the browser, which is unrelated to access tokens.

The user can always unlink apps from their account from the Connected apps page, or log out of Dropbox via the logout page.

Also, the app itself can optionally use the forceReapprove or forceReauthentication option on DropboxOAuth2Helper.GetAuthorizeUri though to have the user explicitly re-approve the app, or entirely re-authenticate (i.e., log in to the Dropbox web site) again, respectively.

View solution in original post

2 Replies 2
Highlighted

Re: App signout issue

Dropboxer
Dropboxer

Revoking a particular access token prevents that token from being used, but it doesn't completely unlink an app from the account. (E.g., there may be other access tokens for that app-account pair.)

Also, it doesn't revoke the user's web session in the browser, which is unrelated to access tokens.

The user can always unlink apps from their account from the Connected apps page, or log out of Dropbox via the logout page.

Also, the app itself can optionally use the forceReapprove or forceReauthentication option on DropboxOAuth2Helper.GetAuthorizeUri though to have the user explicitly re-approve the app, or entirely re-authenticate (i.e., log in to the Dropbox web site) again, respectively.

View solution in original post

Highlighted

Re: App signout issue

Collaborator | Level 8

Aesome! Thanks Greg! Didn't see any reference to that in my search results, but ForceReauthentication does the job.

Work Smarter with Dropbox

The way we work is changing. Share and discover new ways to work smarter with Dropbox in our community.

Sound good? Let's get started.
Who's talking

Top contributors to this post

What do Dropbox user levels mean?
Need more support?