You might see that the Dropbox Community team have been busy working on some major updates to the Community itself! So, here is some info on what’s changed, what’s staying the same and what you can expect from the Dropbox Community overall.
Forum Discussion
dbox-arg0
3 years agoExplorer | Level 4
Login to Dropbox from browser extension on Chrome
I'm using this fragment of code for OAuth URL:
self.m_dbxAuth.getAuthenticationUrl(
self.m_fullReceiverPath, // [redirectUri]
undefined, // [state] To help prevent cross...
- 2 years ago
dbox-arg0 wrote:...
One bad thing: I still can't re-use the login code if I reload the page. I assume I'm doing something wrong, please see these steps
...
Hi dbox-arg0,
This isn't a bad thing, it's a normal thing - according the specification. The code you're receiving is "one shot" type - you can use it once and forget it. Where do you read that you would need it further?! 🧐 Wherever is this - it's wrong! 🤫
dbox-arg0 wrote:...
3. Down the line this gets to the call getAccessTokenFromCode(), this returns a refresh token. Then the extension can access the files in my Dropbox folders
...
Nice... 😇 That's exactly what you need, but where do you keep the received "refresh token" (the only token that never expire or until explicit revoke)? 🤔 If you forgot it here, you won't be able refresh your access token later (after the access token expires)!!!
dbox-arg0 wrote:...
5. I have my login code 40h...tbG5pCng in local browser storage, so the first function I call is getAccessTokenFromCode() with it, and I get HTTP 400. Why just seconds ago this gave me a refresh token and now I got 400. In the broswer I can see that the URL is exactly the same as used in step 3 above.
...
I hope you already know what's going wrong here. 😉 If not, take a look above once again.
dbox-arg0 wrote:...
(Another question, I also get an access token, not only a refresh token, why is that, do I have to use it?)
...
If you aren't using the refresh token in any way, why have you selected offline access? Do you really need offline access or not exactly? It's possible to implement your access in both ways. It's matter of your design decision. Read the resources, that Greg did link to above, once again and make your consistent decision - don't try mix different decisions.
Greg-DB
Dropbox Staff
dbox-arg0 Здравко is correct. The "authorization code" can only be used once. You should use it to get the refresh token, and then you should store and re-use the refresh token.
Also, the initial authorization flow will give you an access token that you can use immediately, in addition to the refresh token. You can use that initial access token, but it's not required. You can instead just store the refresh token and use it to get a new access token later when needed.
dbox-arg0
2 years agoExplorer | Level 4
Ah, it seems that I have gone in the wrong direction.
Yes, the documentation explains that the login code was one-time, I don't know why I got confused at some point in the implementation.
I've made the corrections -- the token obtained by getAccessTokenFromCode() yesterday, preserved in local storage, is valid today, even after reloading the browser extension. This is what I wanted.
Thank you for everything, this was a great help.
Мерси много!
🙂
About Dropbox API Support & Feedback
Find help with the Dropbox API from other developers.
5,910 PostsLatest Activity: 3 days agoIf you need more help you can view your support options (expected response time for an email or ticket is 24 hours), or contact us on X or Facebook.
For more info on available support options for your Dropbox plan, see this article.
If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!