cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Community
English
Announcements
What’s new: end-to-end encryption, Replay and Dash updates. Find out more about these updates, new features and more here.

Dropbox API Support & Feedback

Find help with the Dropbox API from other developers.

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Re: Non expiring token kept on changing

Labels:

Non expiring token kept on changing

cfishere
Explorer | Level 3
‎01-07-2022 07:52 PM

So i tried following this article about obtaining my perm app token. I did the exact steps. but it always gives me a different Token when i try to access the link
https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/Tokens-only-valid-for-4-hours-from-app-...
am I doing something wrong here? it feels very confusing.

Labels:
  • 0 Likes
  • 27 Replies
  • 2,316 Views
0 Likes
27 Replies 27

pablorgz
New member | Level 2
‎01-23-2022 05:50 AM

The decision you have made about making changes on your platform is a delay. It functioned way more better before these changes were made.

 

ahora.png

-------------------------------------------

antes.png

0 Likes

Greg-DB
Dropbox Staff
‎01-24-2022 10:43 AM

Thanks for the feedback! I'll share this with the team.

0 Likes

sanchitcop19
Explorer | Level 4
‎01-24-2022 09:27 PM

Could clarification be added to the app console itself that the token is short-lived? I spent around 20 min to finally land on this thread and realize we no longer have the option to generate long lived access tokens, would help prevent redundant additional threads on this topic 😅

 

Thanks for all the info Greg!

0 Likes

Greg-DB
Dropbox Staff
‎01-25-2022 08:31 AM

@sanchitcop19 Thanks for the note! I'll ask the team to clarify this in the UI there.

0 Likes

sanchitcop19
Explorer | Level 4
‎01-26-2022 12:50 AM

Thank you!

0 Likes

simatec
New member | Level 2
‎03-20-2022 07:26 AM

Unfortunately, we have the same problem with the token, which is only valid for 4 hours.
In a backup plugin for the iot system iobroker we use the API for backup in the Dropbox.

Unfortunately, the token expires after 4 hours, which unfortunately means that users do not have a backup in the Dropbox.

We have about 45,000 users of the plugin and people are having really big problems with changing the token lifetime

Here is the link to the project

 

https://github.com/simatec/ioBroker.backitup

0 Likes

Greg-DB
Dropbox Staff
‎03-21-2022 07:27 AM

@simatec Thanks for the note. You'll need to update your app to use refresh tokens if it needs to maintain long-term access without manual user intervention. You can find more information on this migration here, and you can find more information about this functionality in the OAuth Guide and authorization documentation.

0 Likes

simatec1976
Explorer | Level 3
‎03-21-2022 08:26 AM

Unfortunately, the variant of the refresh_token cannot be implemented for our plugin.

For your understanding...us backup plugin doesn't have its own app.
Users who want to save their backups in Dropbox create an app in their account.

In order for the user to receive a refresh_token, in-depth knowledge is required, which not all users have.

With the switch to the short_live token, I would like the Dropbox API to continue to be usable. With a validity of 4 hours, this is not the case to use it for a backup system.

iobroker is an iot system that usually runs on linux machines without a GUI and without a browser.

This also means that no authorization query is possible.

Would it be possible to display the refresh_token in the APP console?

In this way, we could offer the option of updating via the refresh token in our backup tool.

But users should get the refresh_token in an easy way

The current way is not user friendly

0 Likes

Greg-DB
Dropbox Staff
‎03-21-2022 08:52 AM

@simatec1976 Thanks for the information. I'm sending this along as a feature request for the ability to get a refresh token via the Generate button on the App Console, but I can't promise if or when that might be implemented.

 

For reference, we do not recommend having end-users create/register apps themselves on Dropbox and then use the Generate button like this. The developer of the app/plugin/integration should register it once, and then implement the OAuth app authorization in the app/plugin/integration so that the end-users can authorize it to access their accounts without having to configure it themselves. That would apply to both the previous long-lived access token functionality, as well as the new short-lived access token and refresh token functionality. Previously, the user would need to process the OAuth app authorization flow once to get the long-lived access token. Now, they would do the same, and the app gets a short-lived access token and refresh token the same way, instead of a long-lived access token. The process would look the same to the end-user in both cases. The app would store and re-use the long-lived access token, or the refresh token, respectively.

0 Likes

simatec
New member | Level 2
‎03-21-2022 11:55 AM
This is very difficult and it is a pity that the previous use is no longer possible.

we currently have around 45,000 users of the backup plugin.
You can imagine what that means for me in terms of support when the users come and write that the upload to Dropbox is no longer working.

I looked at the authorization and don't really understand why a redirect url is required.
We also offer other cloud services such as GoogleDrive and Nextcloud in our plugin.

And I think that something might have to be changed here, especially with picking up the access code from Dropbox.

I can now try to install this in the configuration menu of our plugin, but this topic redirect url is proving to be difficult.

Could one also work without redirect and still get the refresh_token with the code?
0 Likes
Need more support?