You might see that the Dropbox Community team have been busy working on some major updates to the Community itself! So, here is some info on what’s changed, what’s staying the same and what you can expect from the Dropbox Community overall.

Forum Discussion

blobwriter's avatar
blobwriter
Explorer | Level 4
4 years ago

OAuth2 w/ refresh tokens for hybrid apps

I have a little Cordova (I know react-native is cool now, but I strongly prefer Vue) app for Android+browser that uses Dropbox for sync, and for both platforms does auth by getting an OAuth2 bearer t...
  • Greg-DB's avatar
    4 years ago

    No, such apps are not forced to have the user re-authorize every four hours. Client-side apps like this can request "offline" access to get refresh tokens if needed. There's an example of requesting offline access from a client-side app (a front-end browser app, in this sample) using the official Dropbox API v2 JavaScript SDK here.

     

    The issue with the authorization URL you constructed is that the PKCE flow (which is how client-side apps can get offline access) is a form of the "response_type=code" flow, not "response_type=token".

     

    I recommend letting the SDK build that URL for you, like in the example here. If you do want to build that directly though, you can find the full authorization documentation here.

About Discuss Dropbox Developer & API

Node avatar for Discuss Dropbox Developer & API

Make connections with other developers

797 PostsLatest Activity: 2 days ago
199 Following

If you need more help you can view your support options (expected response time for an email or ticket is 24 hours), or contact us on X or Facebook.

For more info on available support options for your Dropbox plan, see this article.

If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!