cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
We’ve covered lots of big life moments in our ‘How we use Dropbox’ series - and now we even have some tips on how you can use Dropbox to keep the planning of a wedding as easy and as painless as possible over here.

Dropbox API Support & Feedback

Find help with the Dropbox API from other developers.

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

How to handle OAuth2 keys if they only last four hours

How to handle OAuth2 keys if they only last four hours

charlesfish
Explorer | Level 3

Hey guys,

 

I developed a Dropbox app using Dropbox developers that is supposed to be used to upgrade a TI MCU over the air. I noticed that there is a note that the "no expiration" option for the OAuth2 key that says that it is going to be deprecated. The only other option looks like the tokens expire every four hours. How are we supposed to run OTA updates on firmware if the token is expiring every four hours? The token is stored in firmware on the MCU side, so would we have to update firmware every four hours to generate new tokens? That doesn't seem very realistic.

 

Thanks in advance!!
Charles

1 Accepted Solution

Accepted Solutions

Re: How to handle OAuth2 keys if they only last four hours

Greg-DB
Dropboxer

If the app needs long-term access (i.e., longer than four hours) without manual user interaction, it should request "offline" access during the OAuth app authorization flow. In that case, it will receive a "refresh token" that it can use to programmatically get a new short-lived access token at any point in time, without further manual user interaction. 

 

You can find more information in the following resources:

View solution in original post

1 Reply 1

Re: How to handle OAuth2 keys if they only last four hours

Greg-DB
Dropboxer

If the app needs long-term access (i.e., longer than four hours) without manual user interaction, it should request "offline" access during the OAuth app authorization flow. In that case, it will receive a "refresh token" that it can use to programmatically get a new short-lived access token at any point in time, without further manual user interaction. 

 

You can find more information in the following resources:

Who's talking

Top contributors to this post

  • User avatar
    Greg-DB Dropboxer
What do Dropbox user levels mean?
Need more support?