Child Item

Refresh Tokens vs OAuth Flow

I have a business dropbox account and we are trying to build an app using the no-code tool Appgyver which will allow our internal users (<10 users) to store images and files on our company dropbox account.

The no-code tool Appgyver does not support redirectUri so currently, our user has to copy the authorization code and paste it in the app to get the access token. Doing this once is not a problem, but we can't expect users to do it whenever they need to access dropbox. Is there any way we can increase the validity of the token?

As far as my understanding goes (I am a noob), user will have to have the authorization code to get the refresh token means we either store it locally in the user's device or generate it each time.

What would be the best way to deal with it?

Find more posts tagged with

Developers

Comments

Здравко

Hi @karanag,

At the beginning refresh token is a possible result of OAuth flow, so 'Refresh Tokens vs OAuth Flow' is somewhat meaningless. 🤷 You can't get to long term access without neither of OAuth flow nor refresh token.

@karanag wrote:
... Is there any way we can increase the validity of the token?
...

Probably you mean access token, needed to call to all regular API calls. Its validity is limited in time and usually can't exceed more than 4 hours - exact validity period is pointed every single time you get such a token. To prolong access validity you need a refresh token and have to include refresh process into your application logic. A simple example of such refresh logic can be seen here. 😉 Realize the same calls using your platform capabilities.

Hope this helps.

karanag

Thank you for the link. I will go through it. Hope it has a solution.

Yeah, I probably mistyped what I meant. I am not from a tech background, but thanks to the no-code movement and helpful people on support forums such as these, we can also make apps for ourselves