You might see that the Dropbox Community team have been busy working on some major updates to the Community itself! So, here is some info on what’s changed, what’s staying the same and what you can expect from the Dropbox Community overall.
Forum Discussion
novaut
3 years agoExplorer | Level 4
I'm struggleing to download a single file from the API
Hello there,
I'm struggleing to download a single file from the API.
I'm supplying the app key and secret for App Authentication but I'm getting this error:
Error in call to API funct...
- 3 years ago
novaut wrote:...
One question for how long refresh_token is alive? Is it long-lived?
...
Hi novaut,
Yes, it's long lived token. The refresh token remains valid till explicit revoke either from application itself or user that granted access for your application to its data.
novaut wrote:...
I successfully got the file from Dropbox using the refresh_token and it doesn't ask for http authentication 🙂
...
You make me doubt you have understand everything correctly. You can download a file only with access token authentication, not directly with refresh token!!! The refresh token helps you keep receiving valid access token without further user actions. 😉 Hope this was just a confusion while typing.
Good luck.
Здравко
Legendary | Level 20
novaut wrote:...
I'm following the App Authentication example from https://www.dropbox.com/developers/reference/auth-types#app
Why it doesn't work? I just want to use the API in a simple way.
...
Hi novaut,
Wow, wow, wow... 😁 I haven't seen this big fault of Dropbox documentation. You can call some API endpoints with application authorization only when public data are handled (i.e. data for links etc). The examples shown there are completely wrong! Application authorization is designated for application confirmation (no some user authentication), that's why you can NOT access any user data in such a way. As noted in your error message for such thing bearer access token is needed (something showing that the particular user grant access to its data) - something you miss. That's why it doesn't work.
🙂 Another stupid thing is statement:
... This can be done either as separate strings, as shown in the first two examples below, or as an base64-encoded Basic authorization string in the Authorization header ...
The Basic authentication is ALWAYS performed with base64 encoding!!! You can do it explicitly or let curl does it internally. The person typing this documentation needs some tutorials...
Anyway... since you need user access, you need user authentication too. 😉 You need least access token (as noted there). Keep in mind that such a token is short lived. It's enough for single time use or use in relatively short period of time. If you need to gain access for longer period (without automatic expiration), than refresh token is needed too. You can take a look here how you can manage this.
Hope this helps.
novaut
3 years agoExplorer | Level 4
Hi Здравко,
Thanks for helping me.
I need to find an easy way to get the file from my Dropbox account.
I have API key, API Secret and I can't get the Authorization Code to get the Bearer Token because it asks me to login with my Dropbox username and password.
How can I do it with a request from my server?
It's complex to understand.
Thanks again 🙂
- Здравко3 years agoLegendary | Level 20
novaut wrote:... it asks me to login with my Dropbox username and password.
How can I do it with a request from my server?
...
Hm... 🤔 Sometime ago was an option to generate long lived access token for long term access. Unfortunately, since long lived access token is retired already, no way to generate credentials for long term access in such a way (not yet at least). That's why you need to login once (at least) to create your credentials (such login doesn't need to be on the server - you can do it anywhere) and after that you can use available credentials on your server without logging in anymore (the refresh token keeps your granting). 😉 That's it.
- novaut3 years agoExplorer | Level 4
Hi Здравко,
I have generated credentials once as authorization_code and bearer_token but it expires.
I tried to refresh the authorization_code and got "error_description": "code does not exist or expired".
Can you confirm if this information still alive? "refresh_token String? A unique, long-lived token that can be used to request new short-lived access tokens without direct interaction from a user in your app."
Do I have to refresh the authorization_code every 3 hours to keep it long-lived?
Thanks again 🙂
- Здравко3 years agoLegendary | Level 20
novaut wrote:...
I have generated credentials once as authorization_code and bearer_token but it expires.
...
Yes, that exactly what I said!!!
Seems you haven't read my posts before (my post before the last my post too). Read them with care! Code is for one time use - it can't be reused.
PS: The code is NOT part of your credentials!
About Dropbox API Support & Feedback
Find help with the Dropbox API from other developers.
5,882 PostsLatest Activity: 3 hours agoIf you need more help you can view your support options (expected response time for an email or ticket is 24 hours), or contact us on X or Facebook.
For more info on available support options for your Dropbox plan, see this article.
If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!