cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Community
English
Announcements
Want to learn some quick and useful tips to make your day easier? Check out how Calvin uses Replay to get feedback from other teams at Dropbox here.

Dropbox API Support & Feedback

Find help with the Dropbox API from other developers.

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Invalid access token

Labels:

Invalid access token

Muneebzzzz
Explorer | Level 4
‎10-18-2019 03:22 AM

I generated an access token while creating my project on dropbox app console, and used that token to let my user's to fetch data from my drobox using my android app, everything worked fine for months but today i was getting an exception that my access token is not valid, then i generated a new access token from app console and it again started working, now that my token is changed and is affecting my users as they have the old one.. i want to know what has happened and how my token becomes invalid, is the token got changed or what.. i have over 5k installs on google play and now my all users are affecting

Labels:
  • 0 Likes
  • 14 Replies
  • 6,236 Views
0 Likes
14 Replies 14

Muneebzzzz
Explorer | Level 4
‎10-18-2019 01:58 PM
Yes you are right Greg, i have to secure my token.. one last question that iam not using app secret code in my app, is that code use for the auth process? And thanks for the quick response
0 Likes

Greg-DB
Dropbox Staff
‎10-18-2019 02:07 PM

Yes, the app key and secret identify an app, and would be used in the OAuth app authorization flow. 

More specifically, Dropbox actually supports two forms of the OAuth app authorization flow: "code" and "token", documented here. The "code" flow is generally intended for server-side apps, and requires both the app key and secret. The "token" flow is generally intended for client-side apps, and only requires the app key, and not the secret.

0 Likes

Muneebzzzz
Explorer | Level 4
‎10-18-2019 02:09 PM
You explain so well Greg.. thanks alot for bearing me and giving your precious time 🙂
0 Likes

Muneebzzzz
Explorer | Level 4
‎10-18-2019 02:12 PM
Actually iam not using app key in my code, only using access token
0 Likes

Greg-DB
Dropbox Staff
‎10-21-2019 07:18 AM

That's correct, as you've described it, your current setup involves you embedding your access token itself in your app, not your app key or secret, since you are not using the OAuth app authorization flow.

If you were to use the OAuth app authorization flow, you would need to embed your app key, if using the "token" flow, or your app key and secret, if using the "code" flow.

0 Likes
Need more support?
Who's talking

Top contributors to this post

  • User avatar
    Greg-DB Dropbox Staff
  • User avatar
    Muneebzzzz Explorer | Level 4
What do Dropbox user levels mean?