Where do I use the app Secret Key? and a Log Out remark...

Dolphin_2018 · ‎03-28-2018

Hi,

1. When I created my app account I saw a field named "Secret Key", where should I use it?

2. When I tried to use the:

.tokenRevoke();

command it didn't really logged out of the Dropbox account, the evidence for that is that right after sending this command I could call the method:

Auth.getOAuth2Token();

and get a valid token key from it that I could use to create a valid client with. It did logged out ONLY after I wrote:

AuthActivity.result = null;

So I just wonder why isn't it documented anywhere? and also why the:

.tokenRevoke();

command doesn't do that internaly?

Thanks.

Greg-DB · ‎03-28-2018

1. It sounds like you're referring to the "app secret". You won't necessarilly need to use this. For example, for client-side apps, such as Android apps, you would use the "token" app authorization flow, which doesn't require the app secret.

2. The `tokenRevoke` method only revokes the access token (whichever is currently loaded in your client object) on the server. It doesn't dispose of the token itself locally, etc. Also, note that the `getOAuth2Token` method only retrieves an access token from the local app authorization flow that jsut occured, and may or may not be the same token as you have currently have loaded in your client object. In general, "logging out" can mean a few different things. There's a discussion here that covers a few different options.

Dolphin_2018 · ‎03-29-2018

I'll check it, thanks.

Where do I use the app Secret Key? and a Log Out remark...

Where do I use the app Secret Key? and a Log Out remark...

Re: Where do I use the app Secret Key? and a Log Out remark...

Re: Where do I use the app Secret Key? and a Log Out remark...

Work Smarter with Dropbox

Top contributors to this post