cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Share your feedback on the Document Scanning Experience in the Dropbox App right here.

Dropbox API Support & Feedback

Find help with the Dropbox API from other developers.

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

How to relink a user (revoke) using the javascript api.

How to relink a user (revoke) using the javascript api.

Mixware
Explorer | Level 3

Can anyone show me an example how to use the javascript api to revoke and then let the user re-link to Dropbox?

 

14 Replies 14

anthonyhaffey
Explorer | Level 4

So I tried sending the user to the logout page, but them logging in with a different profile doesn't seem to change which user is logged in with my javascript app. 

 

Is there no way to change the output of dbx.getAuthenticationUrl to give a web address that'll automatically log the user out?

Greg-DB
Dropbox Staff

@anthonyhaffey The user's web session, that is, the account signed in to the Dropbox web site, is separate from the API client's access, that is, the account identified by the access token your app has.

 

If you're trying to switch the account logged in to your app, make sure you throw away the old access token, as that will always be for the old account.

 

For reference though apps can technically sign users out of the Dropbox web site during the app authorization flow. Similar to the 'force_reapprove' parameter on /authorize, there is a 'force_reauthentication' parameter:

 

https://www.dropbox.com/developers/documentation/http/documentation#oauth2-authorize

 

This also isn't currently implemented in the official JavaScript SDK, but I'll be sure to pass this along as a feature request. We generally don't encourage its use though, as it's more disruptive to the user.

anthonyhaffey
Explorer | Level 4

@Greg-DB Thanks for your response. I've tried throwing away the old token, but I've found that my method for asking them to reauthenticate automatically logs them onto the same dropbox account:

dbx.authTokenRevoke();
var dbx = new Dropbox({ clientId: CLIENT_ID });
var authUrl = dbx.getAuthenticationUrl('https://www.open-collector.org/alpha/Admin/Tools/Simulator_SQL/');
document.getElementById('authlink').href = authUrl;
$("#authlink")[0].click();

Is there something I need to change or add to this code to prevent them automatically being authenticated onto the same dropbox account as they were before I revoked the authorisation token?

 

Greg-DB
Dropbox Staff
Depending on your use case, you may want to add the `force_reapprove` or `force_reauthentication` parameters. Please refer to my earlier posts on this thread for more information about those.

Since those aren't implemented in the JavaScript SDK, you'd need to parse and modify the `authUrl` value in this code to add one of those parameters.

anthonyhaffey
Explorer | Level 4

@Greg-DB Thanks! All I had to do was add "&force_reauthentication=true" to the end of the authUrl generated by the dbx.getAuthenticationUrl function. 

Need more support?
Who's talking

Top contributors to this post

  • User avatar
    anthonyhaffey Explorer | Level 4
  • User avatar
    Greg-DB Dropbox Staff
What do Dropbox user levels mean?