Learn how to make the most out of the Dropbox Community here 💙.
Forum Discussion
Dropbox API OAuth 2.0 Access Token
We are currently working on a website (https://ppbranding.com.au/contact) that includes a contact form with a multiple-file upload option. When a user submits this form, we aim to generate a folder in our Dropbox account. This folder will be named after the user's input in the 'Name' field of the contact form, followed by the corresponding date (e.g., John-Smith-26-10-2023). Within this folder, all the uploaded documents will be stored.
To achieve this, we are utilizing the Dropbox OAuth 2.0 API. Initially, we were providing an Access Token manually generated from the App Console. However, this token's validity is limited to approximately 4 hours. To make this process dynamic and more user-friendly, we now require users to authenticate themselves by logging into their Dropbox accounts. If you visit the link mentioned above, you will see a popup window for Dropbox login.
We have reviewed the Dropbox API documentation, but we haven't found othe convenient solution that would allow us to generate the access token programmatically behind the scenes without requiring our users to log in or sign up for Dropbox accounts. It's important to note that, in our current setup, having a Dropbox account is mandatory for users to submit the form with uploaded documents. However, since all the data is ultimately stored in our Dropbox account, we are exploring any potential alternatives that would enable us to store user documents in our Dropbox using the API without mandating Dropbox login or signup for our users.
Any help in this regard will be highly appreciable.
Hi cmpl2022,
Yes, Dropbox access tokens are short lived and expire in few hours (typically 4 or so). Doesn't matter how they are received! The way to achieve long term access is usage of refresh token (offline access). In such a way you can "refresh" (create new access token programmatically, without further user interaction) whenever needed and go further in your algorithm. If you use some of the SDKs, it's implemented there already - you need just to initialize the Dropbox client object in a proper way and use it... as usual. If you drive your API calls directly, take a look here for details how it can be performed. Just don't forget to implement in your algorithm a check before each regular call if current access token is going to expire (before use it) and if so, to refresh it and use after that. You will need to store refresh token and expiration moment of the current access token in addition (to be able check if it's going to expire). 😉 That's it.
In such a way you don't need your users to drive their own account etc. and all could be done in your account only.
Hope this helps.
Thank you for your suggestion. I have tried this and it has worked. This is very helpful for me.
About Dropbox API Support & Feedback
Find help with the Dropbox API from other developers.
