cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Want to learn some quick and useful tips to make your day easier? Check out how Calvin uses Replay to get feedback from other teams at Dropbox here.

Dropbox API Support & Feedback

Find help with the Dropbox API from other developers.

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Re: How to get OAuth 2.0 token

How to get OAuth 2.0 token

NLOG
New member | Level 2
Go to solution

How do I get an OAuth 2.0 token with the account I created app without login?

1 Accepted Solution

Accepted Solutions

Greg-DB
Dropbox Staff
Go to solution

@NLOG The user will always need to sign in to Dropbox in order to authorize your app. That applies to your own account, e.g., when signing in to Dropbox to access the app's page on the App Console to use the "Generate" button, or other end-user accounts, when using the OAuth flow.

 

Access tokens don't effectively expire on their own, but they can be revoked by the user or app at any time. That being the case, your app can store and re-use the access tokens, once recieved, without further manual user intervention, but it should be aware that they can become invalid at any time. If they do, you can prompt the user to re-authorize the app if they wish to continue using it.

View solution in original post

4 Replies 4

Walter
Dropbox Staff
Go to solution

Hey @NLOG - Welcome to the Dropbox Forum!

 

I am not really an expert on our APIs but I think you should take a look at this page first. If you stumble upon an issue, please get back to us with a screenshot of the error you get ( if any) and we'll take it from there. 

 

I hope this helps and let us know how this goes for you. 

 

Thanks!


Walter
Community Moderator @ Dropbox
dropbox.com/support


Heart Did this post help you? If so, give it a Like below to let us know.
:arrows_counterclockwise: Need help with something else? Ask me a question!
:pushpin: Find Tips & Tricks Discover more ways to use Dropbox here!
:arrows_counterclockwise: Interested in Community Groups? Click here to join

NLOG
New member | Level 2
Go to solution
Will this token remain valid until it is reissued?

 

 

@Walter wrote:

Hey @NLOG - Welcome to the Dropbox Forum!

 

I am not really an expert on our APIs but I think you should take a look at this page first. If you stumble upon an issue, please get back to us with a screenshot of the error you get ( if any) and we'll take it from there. 

 

I hope this helps and let us know how this goes for you. 

 

Thanks!


Walter
Dropbox Staff
Go to solution

When working with the Dropbox APIs, your app will access the Dropbox service on behalf of your users. You'll need to have each user of your app authenticate with Dropbox to both verify their identity and give your app permission to access their data on Dropbox.

 

Dropbox uses OAuth 2, an open specification, for this purpose. Once completed by a user, the OAuth process returns an access token to your app. The access token is a string generated by Dropbox that you'll need to send with each subsequent API request to uniquely identify both your app and the end user.

 

Mind that there are several reasons we use OAuth. Most importantly, your application doesn't need to store (or transmit for that matter) the user's Dropbox password. OAuth also enables the user to authorize only a limited set of permissions and the user may revoke access at any time they wish. This makes OAuth a safer and more secure form of API authorization for your users.

 

I hope this information helps clear this up. 

 

Cheers!


Walter
Community Moderator @ Dropbox
dropbox.com/support


Heart Did this post help you? If so, give it a Like below to let us know.
:arrows_counterclockwise: Need help with something else? Ask me a question!
:pushpin: Find Tips & Tricks Discover more ways to use Dropbox here!
:arrows_counterclockwise: Interested in Community Groups? Click here to join

Greg-DB
Dropbox Staff
Go to solution

@NLOG The user will always need to sign in to Dropbox in order to authorize your app. That applies to your own account, e.g., when signing in to Dropbox to access the app's page on the App Console to use the "Generate" button, or other end-user accounts, when using the OAuth flow.

 

Access tokens don't effectively expire on their own, but they can be revoked by the user or app at any time. That being the case, your app can store and re-use the access tokens, once recieved, without further manual user intervention, but it should be aware that they can become invalid at any time. If they do, you can prompt the user to re-authorize the app if they wish to continue using it.

Need more support?