nav[aria-label="Primary Navigation"] { padding: 0; & ul { list-style: none; width: 100%; display: flex; flex-direction: row; justify-content: start; align-items: start; gap: 30px; padding: 0; & li { margin: 0; } & ul li { list-style: none; } } }

Child Item

Auth Token Question

slingxshot

Hello,

I am using JavaScript API from dropbox. Is there a way to generate a temp token, so it expires after its used once?

I find a permanent token is risky, anyone can just upload anything to my account.

Thanks!

Find more posts tagged with

API

Abuse

Comments

Greg-DB

No, the Dropbox API doesn't automatically expiring tokens, but I'll be sure to pass this along as a feature request. You can revoke any token on demand though, using authTokenRevoke.

Also, note that the API was designed with the intention that each user would link their own Dropbox account, in order to interact with their own files. However, it is technically possible to connect to just one account. We don't recommend doing so, for various technical and security reasons, such as what you mentioned.

slingxshot

So it sounds like I will need to do this server side like PHP or Java to hide the token, etc?

Thanks

Greg-DB

Yes, that would be the only safe way to do it.