cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Want to know all about tools for creatives that work seamlessly with Dropbox, like Adobe? Well, check it out right here!

Dropbox API Support & Feedback

Find help with the Dropbox API from other developers.

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Refresh token, where I can find an implementation example or tutorial?

Refresh token, where I can find an implementation example or tutorial?

Samnis
Explorer | Level 3

Hi,

I need to update my app to support new OAuth code flow with PKCE/scopes and new short-lived tokens. For code flow with PKCE and scopes I see there is the new method "DBClientsManager.authorizeFromControllerV2:...". But, where I can find a tutorial or an example about using and refreshing short-lived tokens? I don't know which method to call, when call it and how to manage the response.

I have read:

https://dropbox.tech/developers/now-available--scoped-apps-and-enhanced-permissions

https://dropbox.tech/developers/migrating-app-permissions-and-access-tokens#implement-refresh-tokens

- example app DBRoulette

- this forum

but I found nothing.

 

Please help, thank you.

 

1 Accepted Solution

Accepted Solutions

Re: Refresh token, where I can find an implementation example or tutorial?

Greg-DB
Dropboxer

If you use the SDK and implement the authorization flow as documented, i.e., using authorizeFromControllerV2, the SDK will actually automatically handle the short-lived access token and refresh token logic for you.

View solution in original post

11 Replies 11

Re: Refresh token, where I can find an implementation example or tutorial?

Samnis
Explorer | Level 3

Sorry, 

I missed some info: I am using the official Objective-C SDK from Dropbox available here:

https://github.com/dropbox/dropbox-sdk-obj-c

 

Thank you

 

Re: Refresh token, where I can find an implementation example or tutorial?

Greg-DB
Dropboxer

If you use the SDK and implement the authorization flow as documented, i.e., using authorizeFromControllerV2, the SDK will actually automatically handle the short-lived access token and refresh token logic for you.

View solution in original post

Re: Refresh token, where I can find an implementation example or tutorial?

Samnis
Explorer | Level 3

Wow, good news 🙂 I'll try it as soon as possible.

Greg, thank you very much for your prompt answer.

PS: maybe you should add a clarification to the documentation 🙂

 

Re: Refresh token, where I can find an implementation example or tutorial?

eweb
Explorer | Level 4

I have made the described changes to the DBRoulette example app. And it doesn't automatically handle the refresh token. Perhaps I am doing something wrong. But once the short lived token has expired it gives a 401 with an expired_access_token error.

Perhaps you could update the example.

Re: Refresh token, where I can find an implementation example or tutorial?

Greg-DB
Dropboxer

@eweb I'll ask the team to update the DBRoulette example. I can't promise exactly when that would be done though, so in the meantime perhaps you can share what you have so far and I can take a look at see what the issue might be.

Re: Refresh token, where I can find an implementation example or tutorial?

eweb
Explorer | Level 4

Possibly the simplest way to do that would be to fork the repo and push up my changes. Is that gonna help you.

Re: Refresh token, where I can find an implementation example or tutorial?

eweb
Explorer | Level 4

Re: Refresh token, where I can find an implementation example or tutorial?

Greg-DB
Dropboxer

@eweb Thanks! Looking at the comparison, I see the relevant difference is the replacement of authorizeFromController with authorizeFromControllerV2 in linkDropboxButtonPressed. That looks correct, and I don't believe you're missing anything. I'll give that a try myself and look into it. 

Re: Refresh token, where I can find an implementation example or tutorial?

Greg-DB
Dropboxer

@eweb I tried this out, and it's working successfully for me. Even after the initial short-lived access token expires, the SDK automatically uses the stored refresh token to get a new short-lived access token and then uses that to successfully make further API calls, without having to report 'expired_access_token' back to the app's code. 

 

Did you perhaps process the app authorization flow before switching from authorizeFromController to authorizeFromControllerV2 and so only had a short-lived access token stored, but not a refresh token? You can unlink the client and then re-authorize with authorizeFromControllerV2 in that case. 

Poll
Do you work or study in the creative industry? If so, which area?
If you use Adobe, don't forget to check out our latest integrations update here.
Who's talking

Top contributors to this post

  • User avatar
    eweb Explorer | Level 4
  • User avatar
    Greg-DB Dropboxer
What do Dropbox user levels mean?
Need more support?