cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Community
English
Announcements
Musicians, convert your MuseScore files to PDF to play music on the go! Learn more here.

Dropbox API Support & Feedback

Find help with the Dropbox API from other developers.

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Re: How to use disable_access_token

Labels:

How to use disable_access_token

Antje H.1
New member | Level 1
‎01-02-2015 12:40 PM

Hi Dropbox,

in your API you describe a Method called "disable_access_token". How does this method work? What are the parameters? When i call it, it says {"error": "No auth method found."}

Can you give me an example?

Thanks...

Labels:
  • 0 Likes
  • 7 Replies
  • 3,404 Views
0 Likes
7 Replies 7

Steve M.
Dropbox Staff
‎01-02-2015 02:01 PM

The auth works the same way as any other Core API method. E.g.

curl -X POST https://api.dropbox.com/1/disable_access_token -H "Authorization:Bearer <access token>"
0 Likes

Antje H.1
New member | Level 1
‎01-02-2015 03:59 PM

Ok, thanks for your answer - works fine
But why is that user not unlinked in my app console? In development state, i have 100 users free. But the token disable does not delete that user from my linked users. It's still 1 / 100 😕

0 Likes

Steve M.
Dropbox Staff
‎01-02-2015 05:54 PM

That user probably has more than one access token, and you only unlinked one of them.

0 Likes

zentrale ..
New member | Level 1
‎07-07-2015 10:12 PM

@Steve M: Is this valid for OAuth2 tokens only? I was trying to disconnect a user with a oath (1) token but with no luck.

0 Likes

zentrale ..
New member | Level 1
‎07-07-2015 10:19 PM

@Steve M: To clarify the question, your documentation reads (https://www.dropbox.com/developers/core/docs#disable-token): "Disables the access token used to authenticate the call. This method works for OAuth 1 and OAuth 2 tokens." But with the auth you mentionned there is always an error: {"error": "The given OAuth 2 access token doesn't exist or has expired."} So no luck with OAuth 1 tokens anymore?

0 Likes

Kunal B.
New member | Level 1
‎07-19-2015 02:40 AM

I am working on chrome extension where I am using the token flow for user authorization and obtaining the access token. When the user logs in first time it works normally, asks for login credentials and all, once the user logs out a call is sent to disable_access_token to disable the access token which returns sucessfully with an empty json dictionary. Now when a user again clicks on the login button the app logs in without even asking for login credentials, why is it so.

Ok I figured it out, basically the access_token is disabled but the user is not unlinked from the app(as checked in app console on Dropbox) which means the user is simply not logged out of the app, merely the access_token is disabled, so how to ensure that the user gets unlinked as well ?

0 Likes

Steve M.
Dropbox Staff
‎07-24-2015 08:00 PM

Sorry for the late reply on this thread!

disable\_token should, as the documentation says, work with both OAuth 1 and OAuth 2. I would double-check to make sure you're using a valid OAuth 2 token (and properly authing the request via OAuth 2, typically an Authorization header value of "Bearer <token>".

Kunal, as long as the user has at least one valid access token, they'll be automatically redirected (without having to "allow"). If you disable all of a user's tokens for your app, this won't happen. You can also pass ?force_reapprove=true as per the documentation if you want to force the user to have to approve your app again.

0 Likes
Need more support?