You might see that the Dropbox Community team have been busy working on some major updates to the Community itself! So, here is some info on what’s changed, what’s staying the same and what you can expect from the Dropbox Community overall.
Forum Discussion
How to use https://api.dropboxapi.com/2/files/copy_reference/save
Hello, My goal is to transfer a file to DropboxAcc1 to DropboxAcc2 with this API : https://api.dropboxapi.com/2/files/copy_reference/save $ch = curl_init();
curl_setopt($ch, CURL...
Hello,
Thanks for the answer, can you please give me more explanations about this :
- connect DB1app (the same app as above) to DropboxAcc2, resulting in AccessToken2
How can i connect my app to 2 differents accounts programmatically :
The only way to do it is like that ? :
Log in my browser with my email password to DropboxAcc1, then use Oauth flow with this code and App1 client_id and client_secret :
$tokenUrl = 'https://api.dropboxapi.com/oauth2/token';
$tokenParams = http_build_query([
'code' => $authorizationCode,
'grant_type' => 'authorization_code',
'client_id' => $clientId,
'client_secret' => $clientSecret,
'redirect_uri' => $redirectUri,
]);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $tokenUrl);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $tokenParams);
curl_setopt($ch, CURLOPT_COOKIESESSION, true);
curl_setopt($ch, CURLOPT_COOKIEFILE, '');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, [
'Content-Type: application/x-www-form-urlencoded',
]);
$tokenResponse = curl_exec($ch);
$tokenResponse = json_decode($tokenResponse, true);
curl_close($ch);
Here i got DropboxAcc1 token and i can get copy_reference of a file on DropboxAcc1
Then :
Logout MANUALLY my browser to DropboxAcc1 and login with DropboxAcc2 informations and use again the php code above.
Now iv got a second token and can use it to save file on DropboxAcc2.
I think i can do it like that, but i need to login and logout manually and this is not what i want...
Hi Cyri129,
What you described in the last post is exactly what need to be done. 😉 It's a bit different than your initial post where you're using different applications for different accounts. Take a look and compare your posts. Can you see the difference? In other words, just use the same app key and app secret while changing only your account login.
Hope this sheds additional light.
Hello !
The problem with my last post is i need to login/out manually, if i want to use APIs its because i want things to be done programmatically.
I don't want to give my password and email to users who will use my app.
Or maybe i can refresh (programmatically) both tokens every hours with a CRON and i use refreshed tokens so i need to log in/out account only for the first access token ?
Cyri129 wrote:...
I don't want to give my password and email to users who will use my app.
...
Where somebody asked you to give anything to anybody?! 🤷 It's not mentioned, but it's something (just opposite) assumed - anybody credentials (either yours or of your clients) should be keeps in secure place and never be exposed! This includes not only email and password, but also access token, refresh token, and anything else that may identify somebody and/or grant unwanted access.
Cyri129 wrote:...
Or maybe i can refresh (programmatically) both tokens every hours with a CRON and i use refreshed tokens so i need to log in/out account only for the first access token ?
Congratulations! 😉 That's what it is. You answer your question. Just for clarification: you don't need to "refresh" your token on any fixed period (either using cron job or anything else). When you get any access token, it comes with expires_in field (how long in seconds this token will keep valid). At that time you may calculate the expiration moment (summing current moment and validity period) and left some buffer (let's say 3 minutes - minus 3 minutes). Next, every time you perform some request you can compare current moment with pre-calculated expiration moment. Once the expiration has happened, you may refresh your access token, store the just refreshed token and use it in the ongoing request. Typical validity period is ~4 hours, but better don't keep it into account - it may vary. In such a way you'll do exactly so much refreshes as needed - neither more nor less. That's it.
Hope this helps.
Thanks for answers !
I think its clear for me now, I will update my code and see if everything works.
About Discuss Dropbox Developer & API
Make connections with other developers
