cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Back again with another edition of 'How we use Dropbox', so find out how Emma uses to-do lists to get it all done here!

Dropbox API Support & Feedback

Find help with the Dropbox API from other developers.

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

App signout issue

App signout issue

donaldp
Collaborator | Level 8

Hi,

Having issues with getting signed out in my app, so as to sign-in again with a different user (or simply prevent someone else from having unauthorised access due to still signed in). As far as I can see, you still don't have a signout method yet, and I've tried some of the things I've found suggested here to effectively achieve that, but still not working.

At the moment, to "sign out",  I am doing the following (this is C#/.NET)...

await DxClient.Auth.TokenRevokeAsync();
DxClient.Dispose();
DxClient=null;

...and yet, when I go to sign-in again - i.e. I want to get the sign-in screen and enter an e-mail address and password - the server goes "oh,I see you've already been logged in on this device, here, have another token". What do I need to do to make it stop giving me another token and give me the sign-in screen instead (THEN give me another token when I have signed in again)?

And before you ask, yes, it is a second token, not the same one as the first time - I checked. I'm being given a second token without signing in a second time.

 

thanks,

   Donald.

 

1 Accepted Solution

Accepted Solutions

Re: App signout issue

Greg-DB
Dropboxer

Revoking a particular access token prevents that token from being used, but it doesn't completely unlink an app from the account. (E.g., there may be other access tokens for that app-account pair.)

Also, it doesn't revoke the user's web session in the browser, which is unrelated to access tokens.

The user can always unlink apps from their account from the Connected apps page, or log out of Dropbox via the logout page.

Also, the app itself can optionally use the forceReapprove or forceReauthentication option on DropboxOAuth2Helper.GetAuthorizeUri though to have the user explicitly re-approve the app, or entirely re-authenticate (i.e., log in to the Dropbox web site) again, respectively.

View solution in original post

2 Replies 2

Re: App signout issue

Greg-DB
Dropboxer

Revoking a particular access token prevents that token from being used, but it doesn't completely unlink an app from the account. (E.g., there may be other access tokens for that app-account pair.)

Also, it doesn't revoke the user's web session in the browser, which is unrelated to access tokens.

The user can always unlink apps from their account from the Connected apps page, or log out of Dropbox via the logout page.

Also, the app itself can optionally use the forceReapprove or forceReauthentication option on DropboxOAuth2Helper.GetAuthorizeUri though to have the user explicitly re-approve the app, or entirely re-authenticate (i.e., log in to the Dropbox web site) again, respectively.

View solution in original post

Re: App signout issue

donaldp
Collaborator | Level 8

Aesome! Thanks Greg! Didn't see any reference to that in my search results, but ForceReauthentication does the job. 🙂

Poll
We love to learn from the educators who use Dropbox. Whether you teach kids, teens, adults or a combination of all three, we want to know what apps and integrations you use with Dropbox to help with teaching. Which of the ones below is your favorite, or most used tool?
Who's talking

Top contributors to this post

  • User avatar
    donaldp Collaborator | Level 8
  • User avatar
    Greg-DB Dropboxer
What do Dropbox user levels mean?
Need more support?