Child Item

Changing scope permissions

If the scope permissions are later changed in the app, does a new access token apply those changes?
Or is it necessary to revoke the old refresh token, obtain a new refresh token, and then get a new access token to ensure that the app permissions are enforced?

Find more posts tagged with

API

Abuse

Comments

Здравко

@Paul R.17 wrote:
If the scope permissions are later changed in the app, does a new access token apply those changes?
...

Hi @Paul R.17,

If you mean, "new access token" got at initial authorization - Yes, otherwise - No. The token' rights/scopes are not retroactive; they keep the state as is/was on authorization.

@Paul R.17 wrote:
... is it necessary to revoke the old refresh token, obtain a new refresh token, and then get a new access token to ensure that the app permissions are enforced?

Exactly! 😉

Hope this helps.

Paul R.17

Thanks for the confirmation.
Your help here in the forum is very much appreciated, and helping us understand more about the Dropbox API.