Auth Token Question

Question

Hello,&nbsp;
&nbsp;
I am using JavaScript API from dropbox. Is there a way to generate a temp token, so it expires after its used once?&nbsp;
&nbsp;
I find a permanent token is risky, anyone can just upload anything to my account.
&nbsp;
Thanks!

Greg-DB · Answer

No, the Dropbox API doesn't automatically expiring tokens, but I'll be sure to pass this along as a feature request. You can revoke any token on demand though, using authTokenRevoke.
&nbsp;
Also, note that the API was designed with the intention that each user would link their own Dropbox account, in order to interact with their own files. However, it is technically possible to connect to just one account. We don't recommend doing so, for various technical and security reasons, such as what you mentioned.

slingxshot · Answer

So it sounds like I will need to do this server side like PHP or Java to hide the token, etc?
&nbsp;
Thanks

Greg-DB · Answer

Yes, that would be the only safe way to do it.

Forum Discussion

Auth Token Question

3 Replies

About Dropbox API Support and Feedback

Related Content

Javascript SDK - Auth, getting tokens, setting tokens

Oauth2 refresh token question - what happens when the refresh token expires?

Programatically generate auth token for nodejs server with javascript SDK

header array invalid request for token auth php

Get refresh token from access token?

Recent Discussions

Classic ASP read folder for https file links.

Can't upload branding logo for app

Failed to Load Request Error when using Chooser API

list_folder is not returning media info

Receiving errors from Dropbox API