You might see that the Dropbox Community team have been busy working on some major updates to the Community itself! So, here is some info on what’s changed, what’s staying the same and what you can expect from the Dropbox Community overall.
Forum Discussion
How to switch to short live access token?
Hello, I am developing an application on android using the dropbox API. For UI construction reasons I don't use your SDK but the regular flow because I go through my own web client to retrieve the c...
Okay,
If I may say so, it would be good to update the migration document, because it causes confusion by showing the token type selection.https://dropbox.tech/developers/migrating-app-permissions-and-access-tokens
Last question, the principle of obtaining a short-term access token will remain perennial, and it will not subsequently be compulsory to go through implicit grant or PCKE?
In the meantime, thank you for your very appreciable responsiveness.
Regards.
Thank you Greg-DB,
if I understand correctly, as with the other APIs, I just have to save a refresh token locally and generate a new access token with an api request when the expiration has arrived? (https://api.dropbox.com/oauth2/token)
So it's a short live access token operation, because on my developer console I cannot specify short live, Access token experiration does not appear?
NB : my app is in development mode.
Greg-DB
Dropbox Staff
Dropbox StaffI just have to save a refresh token locally and generate a new access token with an api request when the expiration has arrived?
Yes, that's correct. To maintain long-term access, you should store and re-use the refresh token whenever needed. You can get a new short-lived access token whenever needed by calling /oauth2/token with the refresh token.
So it's a short live access token operation, because on my developer console I cannot specify short live, Access token experiration does not appear?
Yes, going forward you should use short-lived access tokens and (optionally) refresh tokens for all further authorizations. As we finish rolling out this change, that "Access token expiration" setting will no longer be available, and so getting new long-lived access tokens will not be possible.
Okay,
If I may say so, it would be good to update the migration document, because it causes confusion by showing the token type selection.https://dropbox.tech/developers/migrating-app-permissions-and-access-tokens
Last question, the principle of obtaining a short-term access token will remain perennial, and it will not subsequently be compulsory to go through implicit grant or PCKE?
In the meantime, thank you for your very appreciable responsiveness.
Regards.- Greg-DB
Short-lived access tokens expire after a few hours (be sure to check the actual API response for the specific expiration time). If the app requests "offline" access and stores the resulting access token, it does not need to send the user through the app authorization flow again, as it can use the refresh token without further manual interaction. If the app requests "online" access, it will only have access for as long as the short-lived access token is valid; after that, it would need to send the user through the app authorization flow again if the user wishes to continue using the integration.
About Dropbox API Support & Feedback
Find help with the Dropbox API from other developers.
