Does dropbox access token pair change?

StackOverflow https://stackoverflow.com/questions/17553019

Frage

I want to store some information on MY dropbox storage (not the users) in an app. So I manually request an access token pair, than hardcode it to the app. I know it's not secure, but the question is:

Does the access token pair change by time? When does it change? Is it possible, to can't connect the dropbox a year from now, because the token pair is outdated?

War es hilfreich?

Lösung

See Dropbox API:

401 Bad or expired token. This can happen if the user or Dropbox revoked or expired an access token. To fix, you should re-authenticate the user.

And even better Dropbox Best Practices:

Your app should take precautions in case of revoked access. Access tokens may be disabled by the user (from the account page), revoked by Dropbox administrators in cases of abuse, or simply expire over time.

Unfortunately I can't tell you the time span it takes a token to expire but you should definetely prepare to request new Access Tokens.

Andere Tipps

Access tokens do not currently expire, though that may change in future. You'd need to be very careful never to unlink your app from the account used to generate the token, though, since that would invalidate the token which is hard-coded into your app.

I can't recommend this, though, for the security reasons you bring up. A token embedded into your app can be discovered by someone reverse-engineering the app. And anyone with that token can not only read, but also write to the Dropbox (or App folder) to which the token has access, and by doing so they might screw up the other users of your app.

Lizenziert unter: CC-BY-SA mit Zuschreibung
Nicht verbunden mit StackOverflow
scroll top