You might see that the Dropbox Community team have been busy working on some major updates to the Community itself! So, here is some info on what’s changed, what’s staying the same and what you can expect from the Dropbox Community overall.
Forum Discussion
My migration plan for Android app (short-lived access tokens)
In looking at the various examples of implementing short-lived tokens in Andriod, I wanted my implementation to use more primitive methods, instead of DropboxClientFactory, PicassoClient, and DbxRequ...
If it is changed, then shouldn't the serialized version be updated in SharedPreferences too? I didn't see that in any of the examples, so I am confused as to whether or not it is necessary. What would happen if the token got refreshed, but the next time we come to this Activity, we try to refresh it again, but starting with a very stale version of the DbxCredential? Would it work anyway?
The short-lived access token itself is very short-lived (just four hours) and doesn't need to be persisted to preferences each time. It's only the refresh token (and app key) that matters. The app doesn't need a short-lived access token to perform the refresh to get a new short-lived access token. Even if the previous short-lived access token is very old, the SDK can still perform the refresh successfully. The refresh token itself does not actually expire (unless the user or app revokes it).
Finally, the scope that I think I need is just "files.content.write", "files.content.read" because all my app does is upload files to the App Folder or download files from the App Folder. I also examine the metadata for files to determine their last modified date. Does that require an additional scope, or are the two listed sufficient?
Yes, if you just need to upload and download files, those scopes are sufficient. (Those scopes also actually depend on the "files.metadata.read" scope, so you'll automatically get that too, for reading the corresponding metadata.)
Greg-DB
Dropbox Staff
Dropbox StaffIf it is changed, then shouldn't the serialized version be updated in SharedPreferences too? I didn't see that in any of the examples, so I am confused as to whether or not it is necessary. What would happen if the token got refreshed, but the next time we come to this Activity, we try to refresh it again, but starting with a very stale version of the DbxCredential? Would it work anyway?
The short-lived access token itself is very short-lived (just four hours) and doesn't need to be persisted to preferences each time. It's only the refresh token (and app key) that matters. The app doesn't need a short-lived access token to perform the refresh to get a new short-lived access token. Even if the previous short-lived access token is very old, the SDK can still perform the refresh successfully. The refresh token itself does not actually expire (unless the user or app revokes it).
Finally, the scope that I think I need is just "files.content.write", "files.content.read" because all my app does is upload files to the App Folder or download files from the App Folder. I also examine the metadata for files to determine their last modified date. Does that require an additional scope, or are the two listed sufficient?
Yes, if you just need to upload and download files, those scopes are sufficient. (Those scopes also actually depend on the "files.metadata.read" scope, so you'll automatically get that too, for reading the corresponding metadata.)
About Dropbox API Support & Feedback
Find help with the Dropbox API from other developers.
