cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
ShowĀ Ā onlyĀ  | Search instead forĀ 
Did you mean:Ā 
Community
English
Announcements
Whatā€™s new: end-to-end encryption, Replay and Dash updates. Find out more about these updates, new features and more here.

Dropbox API Support & Feedback

Find help with the Dropbox API from other developers.

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
ShowĀ Ā onlyĀ  | Search instead forĀ 
Did you mean:Ā 

Re: How to handle OAuth2 keys if they only last four hours

Labels:

How to handle OAuth2 keys if they only last four hours

charlesfish
Explorer | Level 3
ā€Ž01-15-2021 11:53 AM
Go to solution

Hey guys,

 

I developed a Dropbox app using Dropbox developers that is supposed to be used to upgrade a TI MCU over the air. I noticed that there is a note that the "no expiration" option for the OAuth2 key that says that it is going to be deprecated. The only other option looks like the tokens expire every four hours. How are we supposed to run OTA updates on firmware if the token is expiring every four hours? The token is stored in firmware on the MCU side, so would we have to update firmware every four hours to generate new tokens? That doesn't seem very realistic.

 

Thanks in advance!!
Charles

Labels:
  • 0 Likes
  • 1 Replies
  • 1,613 Views
0 Likes
1 Accepted Solution

Accepted Solutions

Greg-DB
Dropbox Staff
ā€Ž01-15-2021 12:29 PM
Go to solution

If the app needs long-term access (i.e., longer than four hours) without manual user interaction, it should request "offline" access during the OAuth app authorization flow. In that case, it will receive a "refresh token" that it can use to programmatically get a new short-lived access token at any point in time, without further manual user interaction. 

 

You can find more information in the following resources:

View solution in original post

0 Likes
1 Reply 1

Greg-DB
Dropbox Staff
ā€Ž01-15-2021 12:29 PM
Go to solution

If the app needs long-term access (i.e., longer than four hours) without manual user interaction, it should request "offline" access during the OAuth app authorization flow. In that case, it will receive a "refresh token" that it can use to programmatically get a new short-lived access token at any point in time, without further manual user interaction. 

 

You can find more information in the following resources:

0 Likes
Need more support?