cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Share your feedback on the Document Scanning Experience in the Dropbox App right here.

Dropbox API Support & Feedback

Find help with the Dropbox API from other developers.

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Problems with the short-lived token for my App

Problems with the short-lived token for my App

rafaelbelda
New member | Level 2

Hello,

I am making a python script that downloads all the files in a Apps folder that I set up for this specific reason. The script is ment to keep me and my friends updated in our workflow. However, after a while, the App token expired and we lost access to the folder; with a bit of research I found out that Dropbox is no longer using permanent tokens and migrated to short-lived tokens and a optional refresh token w/ oauth2.

I am very confused on how to keep the connection alive and from the tutorials that I've watched on YouTube, it looks way to complicated for a simple script, because of this I am even considering changing services and trying to find a easier option. I've never worked with oauth2 before if you haven't guessed already, do I really need to authenticate every time to get the token? I really don't want 50% of my code being just the auth process.


That's lliterally what I was using to connect to DB with the short-lived token:

def getDropbox():
    dbx_token = open(os.path.join(path_config,"dropbox_token.txt"),"r").read()
    return dropbox.Dropbox(dbx_token)


I know there are security risks involved in a permanent token but this is just a quick fix for something that doesn't need to be that secured. I just wanted that my script could always download that files everytime without having to manually generate a new token. 


Thank you if you have the time to answer. Also, sorry for any English/code knowledge mistakes, I just program for fun    = )

 

- Rafael 

1 Accepted Solution

Accepted Solutions

Greg-DB
Dropbox Staff

@rafaelbelda Здравко is correct; for long-term access you should use a refresh token. Refresh tokens do not expire and can be used repeatedly. You do not need to re-authorize the app each time. Once you have a refresh token you can store and re-use that refresh token without further manual action.

 

The official Dropbox Python SDK will handle the details of how to use a refresh token for you, so you would just need to make the Dropbox client object like this, if you used PKCE to retrieve the refresh token:

dropbox.Dropbox(oauth2_refresh_token=REFRESH_TOKEN, app_key=APP_KEY)

or like this, if you did not use PKCE to retrieve the refresh token:

dropbox.Dropbox(oauth2_refresh_token=REFRESH_TOKEN, app_key=APP_KEY, app_secret=APP_SECRET)

 

For reference, you can find more information on how this works at the following resources:

 

View solution in original post

4 Replies 4

Здравко
Legendary | Level 20

In a very similar way, just instead of single access token, use refresh token and application key/secret for the client object initialization. Everything else can stay the same.

Hope this gives direction.

Greg-DB
Dropbox Staff

@rafaelbelda Здравко is correct; for long-term access you should use a refresh token. Refresh tokens do not expire and can be used repeatedly. You do not need to re-authorize the app each time. Once you have a refresh token you can store and re-use that refresh token without further manual action.

 

The official Dropbox Python SDK will handle the details of how to use a refresh token for you, so you would just need to make the Dropbox client object like this, if you used PKCE to retrieve the refresh token:

dropbox.Dropbox(oauth2_refresh_token=REFRESH_TOKEN, app_key=APP_KEY)

or like this, if you did not use PKCE to retrieve the refresh token:

dropbox.Dropbox(oauth2_refresh_token=REFRESH_TOKEN, app_key=APP_KEY, app_secret=APP_SECRET)

 

For reference, you can find more information on how this works at the following resources:

 

rafaelbelda
New member | Level 2
Thank you for replying and for the direction, I will try to integrate that tomorrow and I will get back with the solution.

rafaelbelda
New member | Level 2

Thank you for the extra detail, that was easier than I thought it was; I will try that later. Appreciate the help.

Need more support?
Who's talking

Top contributors to this post

  • User avatar
    rafaelbelda New member | Level 2
  • User avatar
    Greg-DB Dropbox Staff
  • User avatar
    Здравко Legendary | Level 20
What do Dropbox user levels mean?