We're making changes to the Community, so you may have received some notifications - thanks for your patience and welcome back. Learn more here.
Forum Discussion
Refresh token generates an invalid access token?
Guys,
I have obtained a refresh token without problem. I put that in the code to generate an access token, then use the access token to gain access to my files and folders. However, when using the access token, I got the return complaining the it is invalid! That indicates an invalid access token is generated by using the refresh token! My question is: Can the fresh token become invalid during its usage? Can it be used multiple times?
Thanks!
First, by "MY ACCESS ID" and "MY_ID" I expect you mean your app key, and by "MY_PASSWORD" you mean your app secret, as this wouldn't work otherwise.
Anyway, I just tried this out with an app with the app folder access type, and it did not create a duplicate app folder.
Did you previously create, connect, and then delete an app registration, and then create another app with the same name and connect that new app? When you first connect an app with the app folder access type, Dropbox will create a new app folder for that app; it won't re-use any existing folders or app folders (e.g., for other apps) even if they happen to have the same name. If there is another folder with the same name, Dropbox will add "(1)", etc., to find a name that isn't already used when creating the new app folder.
- Greg-DB
Dropbox Staff
While refresh tokens can be used repeatedly and don't expire automatically, they can become invalid at any time for a number of reasons (for example, if the user or app revokes it using the https://www.dropbox.com/account/connected_apps web page or the /2/auth/token/revoke API endpoint). If/when a refresh token is revoked, all of the access tokens for that refresh token are revoked as well.
If something isn't working properly on the API, we'll be happy to look into it, but we'd need some more information. In that case, please reply with:
- the name and version number of the platform and SDK/library you are using, if any
- the steps to reproduce the issue, including relevant code snippet(s), but don't include any valid access or refresh token(s)
- the full text of any error or unexpected output
Ok, I found out the problem.
Here is what I do to get a fresh token:
1) getting an authorization code from my bowser:
https://www.dropbox.com/oauth2/authorize?client_id=<MY ACCESS ID>&token_access_type=offline&response_type=code
2) After getting the authorization code, I put it in to run a curl from browser to obtain my refresh token:
curl https://api.dropbox.com/oauth2/token \
-d code=<THE AUTHORIZATION CODE> \
-d grant_type=authorization_code \
-u MY_ID:MY_PASSWORDThis will get me a 'refresh_token" and an "access_token". However, when I look at my app folder, an additional folder was created by this call! For example, my app folder is "CallRecords", the new folder "CallRecords (1)" was created by the above curl command without any content in it. Could you please explain why it was created?
Thanks!
- Greg-DB
First, by "MY ACCESS ID" and "MY_ID" I expect you mean your app key, and by "MY_PASSWORD" you mean your app secret, as this wouldn't work otherwise.
Anyway, I just tried this out with an app with the app folder access type, and it did not create a duplicate app folder.
Did you previously create, connect, and then delete an app registration, and then create another app with the same name and connect that new app? When you first connect an app with the app folder access type, Dropbox will create a new app folder for that app; it won't re-use any existing folders or app folders (e.g., for other apps) even if they happen to have the same name. If there is another folder with the same name, Dropbox will add "(1)", etc., to find a name that isn't already used when creating the new app folder.
About Dropbox API Support & Feedback
Find help with the Dropbox API from other developers.
