Dropbox API Support & Feedback
Find help with the Dropbox API from other developers.
Hi there,
I want to switch from the depricated long-lived tokens to short-lived access tokens for an application that uses offline access. The old token flow didn't have a refresh token generated. Is it possible to get an refresh token for those old tokens (once) so I can migrate the application to the new short-lived tokens with refresh token without requiring all users to re-authorize?
Thanks!
No, we don't have a way to get refresh tokens for existing long-lived access tokens. However, while long-lived access tokens are now considered deprecated, but we don't currently have a plan to disable existing long-lived access tokens. (If that changes, we will of course announce that ahead of time.) That being the case, your existing users can continue using their existing long-lived access token(s) and you don't have to force them to re-authorize the app if you don't want to.
No, we don't have a way to get refresh tokens for existing long-lived access tokens. However, while long-lived access tokens are now considered deprecated, but we don't currently have a plan to disable existing long-lived access tokens. (If that changes, we will of course announce that ahead of time.) That being the case, your existing users can continue using their existing long-lived access token(s) and you don't have to force them to re-authorize the app if you don't want to.
Thanks for your quick reply!
I understand that there are no plans yet to disable the old tokens, but I assume that this will happen at some point. But it is good to know that I don't need to force the users at this moment. However, as the short-lived tokens with refresh token add an additional level of security, I will have to migrate anyway (at least for new authorizations).
Hi ,
Is there any error that will be thrown when long lived access token get deprecated? we are shifting our nodejs application where long lived access token accounts will start giving a deprecation error once announced.
Just wanted to heads up on the error priorly so that we can handle them.
Is there any expiry to refresh token?Please let us know.
OAuth 2 refresh tokens will not expire by themselves. See @Greg-DB answer in this topic.
Perhaps a good idea to mention this clearly in the documentation.
Thanks! That's correct, refresh tokens don't expire by themselves (though the user or app can revoke them on demand of course). I'll ask the team to more clearly document this.
Anyway, long-lived access tokens are now considered "deprecated", but they will continue operating as they do currently. We'll make an announcement with details if/when that will change.
Hi there!
If you need more help you can view your support options (expected response time for a ticket is 24 hours), or contact us on X or Facebook.
For more info on available support options for your Dropbox plan, see this article.
If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!