We're making changes to the Community, so you may have received some notifications - thanks for your patience and welcome back. Learn more here.
Forum Discussion
help: long-live tokens for dropbox app
Hello everyone, I know that there are other issues related to this but I did not find anything that really helped me. I'm trying to upload images (.png) from my PC to dropbox via an application t...
Greg-DB
Dropbox Staff
Dropbox StaffDropbox is no longer offering the option for creating new long-lived access tokens. Dropbox is now issuing short-lived access tokens (and optional refresh tokens) instead of long-lived access tokens. You can find more information on this migration here.
Apps can still get long-term access by requesting "offline" access though, in which case the app receives a "refresh token" that can be used to retrieve new short-lived access tokens as needed, without further manual user intervention. You can find more information in the OAuth Guide and authorization documentation. There's a basic outline of processing this flow in this blog post which may serve as a useful example.
The official Dropbox SDKs can handle this automatically for you. For the official Dropbox Python SDK, you can find examples of this flow at the following links:
Thank you but I have still a doubt on this..
I don't know any REDIRECT URI.. how can I get one? What's the criterion I could use to choose one? Actually is the only thing I still don't have.
- Greg-DB
The redirect URI is the location where the user should be sent after they authorize the app to access their account. It should be a URI controlled by your app and defined by you as the developer of the app. That being the case, I can't tell you exactly what yours should be, but for example, if you're building a web app and your redirect URI for your development environment looks like http://localhost/auth, then it would typically look like https://example.com/auth in the deployed environment. For reference, it is optional; you can opt to not use a redirect URI, in which case you would omit that parameter and the user would need to manually copy/paste the authorization code. For instance, the Python SDK samples I linked to don't use a redirect URI.
So, if I got it right, using a redirect URI is the only way for generating a refresh token automatically (i.e. not manually by authorizing by myself)?
sorry for the confusion, i'm not very into these things and I find this very complicated!
D.- Greg-DB
No, a redirect URI is not required to get a refresh token. Whether or not a redirect URI is used though, the manual authorization step does need to be handled by the user manually in order to authorize the app to access their account and receive a refresh token. This only needs to be done once per account though; the refresh token can then be stored and re-used programmatically without the user present.
About Dropbox API Support & Feedback
Find help with the Dropbox API from other developers.
