Seamless migration from non-expiring access token to refresh token?

Mark R.43

Hello,

 

We have an existing application that integrates with Dropbox via the .NET SDK. The application currently acquires user consent once and then stores a non-expiring access token for future use. We'd like to migrate to using short-lived access tokens, and wish to do so with minimal user interaction.

 

Switching to short-lived access tokens seems clear cut - we need to convert to storing a refresh token that can be used to request short-lived access tokens. However, we'd like to do this without asking the user to re-authorize. Is there a way to exchange a non-expiring access token for a refresh token without user interaction?

 

- Mark

Greg-DB

It's not possible to exchange a long-lived access token for a refresh token, however it is not necessary to make existing connected users switch anyway. Existing long-lived access tokens can continue to be used, as we don't currently have a plan to disable existing long-lived access tokens. (If that changes, we will of course announce that ahead of time.)