cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Community
English
Announcements
Want to learn some quick and useful tips to make your day easier? Check out how Calvin uses Replay to get feedback from other teams at Dropbox here.

Dropbox API Support & Feedback

Find help with the Dropbox API from other developers.

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Re: Why I have refresh token null? What should I do now?

Labels:

Why I have refresh token null? What should I do now?

luigiafassina
Explorer | Level 4
‎11-21-2022 02:58 AM
Go to solution

Hi, I have an app that allows the users to connect their Dropbox accounts and see the content directly in the app. When the user enters his credentials and grants permission in the Dbx form, my app receives the refresh token and I use it to programmatically get a new short-lived access token whenever it's needed. This worked since some weeks ago and then, without the users or the app doing anything, the refresh token and expiration date returned null. If the user revokes the connection and reconnects, the app receives a new access token but the expiration date and refresh token are still null.

What are the scenarios where the Dropbox service returns a null refresh token?

What can I do now to get a valid one?

Labels:
  • 0 Likes
  • 4 Replies
  • 1,512 Views
0 Likes
1 Accepted Solution

Accepted Solutions

Greg-DB
Dropbox Staff
‎11-24-2022 08:30 AM
Go to solution

@luigiafassina Can you clarify what you mean when you say "they disappeared for all the users in all my envs"? What exactly disappeared and how? The refresh tokens are strings that you should store and re-use. Apps and users can revoke refresh tokens on demand, though you should still have the refresh token strings themselves; they would just no longer work.

 

If the app is disconnected/the refresh token revoked, you would need to process the authorization flow again for the user. I see you are requesting offline access in this code snippet. Can you double check this is the exact code you're running in that case?

View solution in original post

4 Replies 4

Здравко
Legendary | Level 20
‎11-21-2022 05:20 AM
Go to solution
@luigiafassina wrote:

...

What are the scenarios where the Dropbox service returns a null refresh token?

...

Hi @luigiafassina,

Are you sure you have set offline as access type? 🧐 Refresh token require offline access; if not set as parameter on initial authorization URL, you will never receive it.

 

@luigiafassina wrote:

... This worked since some weeks ago and then, without the users or the app doing anything, the refresh token and expiration date returned null. ...

Hm... Just review the browser URL parameters and make it sure. 😉

Hope this gives direction.

luigiafassina
Explorer | Level 4
‎11-21-2022 05:38 AM
Go to solution

Yes, I'm sure. I'm using dropbox sdk 4.0.1.

    public String authorize(DbxSessionStore sessionStore, String redirectUri) {
        // V2 api /oauth2/authorize
        // TokenAccessType.OFFLINE means refresh_token + access_token.
        // ONLINE means access_token only.
        DbxWebAuth.Request authRequest = DbxWebAuth.newRequestBuilder()
            .withRedirectUri(redirectUri, sessionStore)
            .withTokenAccessType(TokenAccessType.OFFLINE)
            .build();
        DbxWebAuth webAuth = new DbxWebAuth(reqConfig, appInfo);
        return webAuth.authorize(authRequest);
    }

I had the information and all worked, then they disappeared for all the users in all my envs (staging/production).  I see in the docs that the refresh token could be revoked by dropbox.. Could this be the case? And what should I do now? I 've disconnected my account, I've cleaned my db, and retried to connect..but still no expire date and no refresh token returned.

0 Likes

Greg-DB
Dropbox Staff
‎11-24-2022 08:30 AM
Go to solution

@luigiafassina Can you clarify what you mean when you say "they disappeared for all the users in all my envs"? What exactly disappeared and how? The refresh tokens are strings that you should store and re-use. Apps and users can revoke refresh tokens on demand, though you should still have the refresh token strings themselves; they would just no longer work.

 

If the app is disconnected/the refresh token revoked, you would need to process the authorization flow again for the user. I see you are requesting offline access in this code snippet. Can you double check this is the exact code you're running in that case?

luigiafassina
Explorer | Level 4
‎11-25-2022 12:30 AM
Go to solution

Thanks for the help. I understand the issue. I've a server, a web app and a mobile app. Using web app, the user was able to connect to dropbox, saw her files and I had the refresh token in the database...so far so good. But, making the same steps using the mobile app, at some point the refresh token in the db disappeared. Since it happened for all my users more or less at the same time, I thought it was dropbox that revoked the token for some reasons. But, now that you confirm me this is not possible, I've investigating deep in the mobile app and I found a nasty bug: the app sends a null refresh token to the server 🤐☹️

0 Likes
Need more support?