cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Want to know what we learned at IBC? Check out our learnings on media, remote working and more right here.

Dropbox API Support & Feedback

Find help with the Dropbox API from other developers.

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Re: Permananet Access Token

Permananet Access Token

Cryptic7
Explorer | Level 3
Go to solution

Why I'm using dropbox:

So I wanted to make a windows maintenance bot that I could sell to my friends, but I didn't want to have to copy the files for each person. So I thought I would make an improvised install and update executable. My plan was to upload the bot files to a private dropbox account that the bot would have access to. Then the small install executable would just download the files to their computer from dropbox, along with an update routine that will detect if there has been a change to the files stored, and update their local bot files.

 

What I'm having trouble with:

I can download and detect changes just fine, but my access token keeps expiring. I researched for a bit and found that there was an option to make the token not expire, and then researched a bit more and found that you guys removed the feature. I've been researching for hours and I have no idea how to make the bot have permanent access to the private drop box account. Can you help me out? Also, forgot to mention I'm using the JS api.

1 Accepted Solution

Accepted Solutions

Greg-DB
Dropbox Staff
Go to solution

Dropbox is currently in the process of switching to only issuing short-lived access tokens (and optional refresh tokens) instead of long-lived access tokens. You can find more information on this migration here.

Apps can still get long-term access by requesting "offline" access though, in which case the app receives a "refresh token" that can be used to retrieve new short-lived access tokens as needed, without further manual user intervention. You can find more information in the OAuth Guide and authorization documentation.

 

The Dropbox JavaScript SDK itself has functionality built in to support this. You can find examples here, such as this one that shows how to set the refresh token.

View solution in original post

4 Replies 4

Greg-DB
Dropbox Staff
Go to solution

Dropbox is currently in the process of switching to only issuing short-lived access tokens (and optional refresh tokens) instead of long-lived access tokens. You can find more information on this migration here.

Apps can still get long-term access by requesting "offline" access though, in which case the app receives a "refresh token" that can be used to retrieve new short-lived access tokens as needed, without further manual user intervention. You can find more information in the OAuth Guide and authorization documentation.

 

The Dropbox JavaScript SDK itself has functionality built in to support this. You can find examples here, such as this one that shows how to set the refresh token.

Cryptic7
Explorer | Level 3
Go to solution

Thank you Greg! I saw refresh tokens mentioned a few times, but I couldn't find any reasonable data. This has been a big help!

lalomores
Helpful | Level 5
Go to solution

I'm having the same problem. But I don't want any user going through a Dropbox authentication flow in the browser.

 

What I need is a similarly transparent process as was the permanent token.

In the different authentication types shown in the documentation, there's a match to what I'm looking for: "App Authentication"

https://www.dropbox.com/developers/reference/auth-types

which claims not to require tokens of any kind.

 

I also checked the API documentation and see that the APIs I need are compatible with App Authentication.

However, I don't find examples of such scenario. The only one I found using the client API and Secret is this one: https://github.com/dropbox/dropbox-sdk-js/blob/main/examples/javascript/simple-backend/code_flow_exa...

 

But after initializing with client and secret, it also goes through browser auth to get a token. I don't quite understand this flow as the code already has the secret. Maybe it is to show a specific user folders/files? However, as I have an "App folder" that has been created when creating my Dropbox app in the app console, I just want to show the app folder files. Non other. No user associated.

 

Using the initialization with client API and secret only, does not seem to be enough, as when I call the list_folders API I get an "unsupported_content_type" error, and a 409 error code.

 

Any help will be most appreciated!

 

 

 

Greg-DB
Dropbox Staff
Go to solution

@lalomores I see you also opened another thread for this. We've followed up with you there.

Need more support?