Your workflow is unique 👨💻 - tell us how you use Dropbox here.
Forum Discussion
How to relink a user (revoke) using the javascript api.
Can anyone show me an example how to use the javascript api to revoke and then let the user re-link to Dropbox?
Ok. I can get the revoke working by using your code. But I have to restart my app to get the Dropbox login dialog.
If I run authenticateWithCordova right after revoke, I'm just logged in again without the need of writing my username and password.
Anything to do?
Greg-DB
Dropbox Community Moderator
Dropbox Community ModeratorIt sounds like you're referring to still being signed in to the Dropbox web site (www.dropbox.com) itself in the browser. This is unrelated to the API/access token.
To sign out of the web site, the user can do so themselves via the "Sign out" link, or the app can direct them to https://www.dropbox.com/logout .
To sign out of the web site, the user can do so themselves via the "Sign out" link, or the app can direct them to https://www.dropbox.com/logout .
Many thanks for your answers and your efforts to help me.
But, it is not about the Dropbox website.
I have made a Cordova app using javascript.
When the app starts first time, the user is guided to log in to a Dropbox account.
To do that, I usevar DROPBOX_APP_KEY = 'mydropboxappkey';
var dbx = new Dropbox({clientId:DROPBOX_APP_KEY});
dbx.authenticateWithCordova(
function(accessToken)
{//user is logged in
});The Dropbox login dialog is displayed in the app and the users can write the username and password and get access to their Dropbox .
Works fine!
My problem is that I would like to give the users opportunity to logout and login to another Dropbox account.
I can run the "dbx.revoke", and it works. The user have no longer access to the Dropbox.Now I run the "dbx.authenticateWithCordova" again.
This time the Dropbox login dialog is not displayed.
But the user is logged automatically to the same account, and are not able to write another username and password.
The only way I can get the login dialog is to restart the app.
I hope this is clear what the problem is.
- Greg-DBIt sounds like you're referring to the behavior of the Dropbox OAuth app authorization flow where, if the user has already authorized your app, then they may be automatically redirected back to your app instead of having to provide explicit authorization again. If the user fully revokes the app's authorization, e.g., via https://www.dropbox.com/account/security , though, then they will not be automatically redirected.
Apps can also control this behavior using the 'force_reapprove' parameter on /authorize:
https://www.dropbox.com/developers/documentation/http/documentation#oauth2-authorize
This isn't currently implemented in the official JavaScript SDK, but I'll be sure to pass this along as a feature request.
So I tried sending the user to the logout page, but them logging in with a different profile doesn't seem to change which user is logged in with my javascript app.
Is there no way to change the output of dbx.getAuthenticationUrl to give a web address that'll automatically log the user out?
- Greg-DB
anthonyhaffey The user's web session, that is, the account signed in to the Dropbox web site, is separate from the API client's access, that is, the account identified by the access token your app has.
If you're trying to switch the account logged in to your app, make sure you throw away the old access token, as that will always be for the old account.
For reference though apps can technically sign users out of the Dropbox web site during the app authorization flow. Similar to the 'force_reapprove' parameter on /authorize, there is a 'force_reauthentication' parameter:
https://www.dropbox.com/developers/documentation/http/documentation#oauth2-authorize
This also isn't currently implemented in the official JavaScript SDK, but I'll be sure to pass this along as a feature request. We generally don't encourage its use though, as it's more disruptive to the user.
Greg-DB Thanks for your response. I've tried throwing away the old token, but I've found that my method for asking them to reauthenticate automatically logs them onto the same dropbox account:
dbx.authTokenRevoke(); var dbx = new Dropbox({ clientId: CLIENT_ID }); var authUrl = dbx.getAuthenticationUrl('https://www.open-collector.org/alpha/Admin/Tools/Simulator_SQL/'); document.getElementById('authlink').href = authUrl; $("#authlink")[0].click();Is there something I need to change or add to this code to prevent them automatically being authenticated onto the same dropbox account as they were before I revoked the authorisation token?
About Dropbox API Support and Feedback
Get help with the Dropbox API from fellow developers and experts.
