Forum Discussion

Explorer | Level 4

11 months ago

Dropbox SDK Integration: Access Token Challenges

Hello everyone,

I'm currently working on developing a server-side application (using TypeScript) that integrates with Dropbox among other functionalities. I've created an application in the app console, granted it the necessary access, and subsequently generated an access token using the app console.

Within my application, I'm utilizing the Dropbox SDK and initializing it as follows:

this.fileClient = new Dropbox({
  accessToken: process.env.DROPBOX_ACCESS_TOKEN,
  selectUser: process.env.DROPBOX_USER,
});

Initially, everything works smoothly until the access token expires, leading to an 'expired_access_token' error. I had the impression that the SDK would handle token refreshing automatically. Despite searching extensively, I haven't been able to find a solution.

By the way, the app console provides me with a short-lived token (starting with 'sl.').

Developers

Здравко
11 months ago
Would be enough something like:

this.fileClient = new Dropbox({ refreshToken: process.env.DROPBOX_REFRESH_TOKEN, clientId: process.env.DROPBOX_CLIENT_ID, clientSecret: process.env.DROPBOX_CLIENT_SECRET, selectUser: process.env.DROPBOX_USER, });

To avoid meaningless refresh (usually need no more than once for 4 hours) in frequent client object construction, sharing a DropboxAuth object might be useful. Something like:

this.auth = new DropboxAuth({ refreshToken: process.env.DROPBOX_REFRESH_TOKEN, clientId: process.env.DROPBOX_CLIENT_ID, clientSecret: process.env.DROPBOX_CLIENT_SECRET, }); ... this.fileClient = new Dropbox({ auth: this.auth, selectUser: process.env.DROPBOX_USER, });

Otherwise refresh will be executed on every client construction and if you just perform a single API call, the needed overall time will be doubled - decreased efficiency. To work the last, you need to keep 'auth' object global and shared throughout all your code (or saved with proper mutex protection), so the state won't start always from "zero". Of course this is optional - you decide whether improves your efficiency.
Good luck.

Здравко
Legendary | Level 20
11 months ago
Hi ojdev,
Yes, the SDK would refresh (regenerate in fact) access token if/when you provide refresh token together with app key and likely needed app secret - something that's missing in your code. Take a look here how you can get it by hands and use in your code later. You don't need the last step there - it's implemented in Dropbox SDK.
Hope this helps.
- ojdev
  Explorer | Level 4
  11 months ago
  Thank you for your response!
  Following the mentioned process, I acquired a refresh token.
  I need clarification: will initializing my Dropbox SDK client like this suffice?
  this.fileClient = new Dropbox({ accessToken: process.env.DROPBOX_ACCESS_TOKEN, refreshToken: process.env.DROPBOX_REFRESH_TOKEN, selectUser: process.env.DROPBOX_USER, });
  Or, do I need to initialize it differently, like this?
  
  this.fileClient = new Dropbox({ accessToken: process.env.DROPBOX_ACCESS_TOKEN, refreshToken: process.env.DROPBOX_REFRESH_TOKEN, clientId: process.env.DROPBOX_CLIENT_ID, clientSecret: process.env.DROPBOX_CLIENT_SECRET, selectUser: process.env.DROPBOX_USER, });
  - Здравко
    Legendary | Level 20
    11 months ago
    Would be enough something like:
    
    this.fileClient = new Dropbox({ refreshToken: process.env.DROPBOX_REFRESH_TOKEN, clientId: process.env.DROPBOX_CLIENT_ID, clientSecret: process.env.DROPBOX_CLIENT_SECRET, selectUser: process.env.DROPBOX_USER, });
    
    To avoid meaningless refresh (usually need no more than once for 4 hours) in frequent client object construction, sharing a DropboxAuth object might be useful. Something like:
    
    this.auth = new DropboxAuth({ refreshToken: process.env.DROPBOX_REFRESH_TOKEN, clientId: process.env.DROPBOX_CLIENT_ID, clientSecret: process.env.DROPBOX_CLIENT_SECRET, }); ... this.fileClient = new Dropbox({ auth: this.auth, selectUser: process.env.DROPBOX_USER, });
    
    Otherwise refresh will be executed on every client construction and if you just perform a single API call, the needed overall time will be doubled - decreased efficiency. To work the last, you need to keep 'auth' object global and shared throughout all your code (or saved with proper mutex protection), so the state won't start always from "zero". Of course this is optional - you decide whether improves your efficiency.
    Good luck.

About Discuss Dropbox Developer & API

Make connections with other developers

795 PostsLatest Activity: 7 days ago

If you need more help you can view your support options (expected response time for an email or ticket is 24 hours), or contact us on X or Facebook.

For more info on available support options for your Dropbox plan, see this article.

If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!

Forum Discussion

Dropbox SDK Integration: Access Token Challenges

About Discuss Dropbox Developer & API

Related Content

Django integrate with Dropbox

Hoe integreer ik Dropbox met mijn App en website?

Integrate Dropbox with .Net Core 6 web application

Integrating Dropbox API into file sharing application

Webhook integration -- Challenge is inserted at the start of the URL parameters

Recent Discussions

Sharing folders to users with viewer still permits downloads

Cannot set expire settings for sharing_create_shared_link_with_settings

GET Usage (in MB, updates every 8 hours) FROM python sdk

Regarding Access Token Expiration Policy

My token expire - I want to not expire