Child Item

App Script & Dropbox: Expired Access Token Issue - Need Help with Long-Lived Token

Hi Dropbox Community,

I've created a Google Apps Script to automatically send copies of modified Excel files as CSV files to my Dropbox. The script uses a Dropbox App Folder (created in the App Console) and works by using a Dropbox access token. The App is simple and doesn't require Redirect URIs, Webhook URIs, etc.

My script (snippet below) worked perfectly for several hours, relying solely on the access token:

function onEdit(e) {
// Configuration
const ACCESS_TOKEN = 'DropBox_Access_Token';
const DROPBOX_FOLDER_PATH = 'Folder_Path';
const FILE_NAME = 'data.csv'; // Name of the CSV file in Dropbox
// ... (rest of the script)
}
However, after some time, it stopped working with this error:

Error uploading file to Dropbox: Exception: Request failed for https://content.dropboxapi.com returned code 401. Truncated server response: {"error_summary": "expired_access_token/", "error": {".tag": "expired_access_token"}} (use muteHttpExceptions option to examine full response)

This clearly indicates the access token has expired. The script's purpose is to run automatically without manual intervention.

My question is: how to get long-lived access token and how can I modify my Apps Script to use a long-lived access token or a refresh token mechanism to prevent this token expiration issue?

Any guidance or examples would be greatly appreciated.

Thanks in advance for your help!

Find more posts tagged with

API

Abuse

Comments

iNeil

Hello @TStack,

Dropbox is no longer offering the option for creating new long-lived access tokens. Dropbox is now issuing short-lived access tokens (and optional refresh tokens) instead of long-lived access tokens. You can find more information on this migration here.

Apps can still get long-term access by requesting "offline" access though, in which case the app receives a "refresh token" that can be used to retrieve new short-lived access tokens as needed, without further manual user intervention. Refresh tokens do not expire automatically and can be used repeatedly. You can find more information in the OAuth Guide and authorization documentation. There's a basic outline of processing this flow in this blog post which may serve as a useful example.

TStack

Solution Found: Automating Sending Google Sheets to Dropbox

We've come up with two efficient methods for automating the upload of Google Sheets as CSV files to Dropbox, using Google Apps Script.

Approach 1: Short-lived Access Token

Utilizes short-lived access tokens that need manual renewal. Follow the script instructions for Dropbox app setup and trigger configuration.

Approach 2: Refresh Access Token

Implements refresh tokens for automatic renewal, enhancing security and reducing maintenance. Detailed instructions for app setup and authorization are included.

For code examples and further details, check out the full guide at TSSFL Technology Stack: https://www.tssfl.com/viewtopic.php?t=6879

Feel free to modify the solutions as needed!

TStack

Hi @iNeil,

How sustainable is this processes of using long-lived tokens?

Greg-DB

@TStack If you're referring to any long-lived access tokens retrieved before the switch to short-lived access tokens and optional refresh tokens, note that while the creation of new long-lived access tokens is no longer available, we don't currently have a plan to disable existing long-lived access tokens. (If that changes, we will of course announce that ahead of time.) That being the case, you can continue using existing long-lived access token(s) without interruption, if you have any.

Alternatively, for long-term access going forward, the preference is to use refresh tokens, which can be used to retrieve new short-lived access tokens as needed. Refresh tokens do not expire automatically and can be used repeatedly.

TStack

I wanted to ask how sustainable is the use of refresh tokens, which can be used to retrieve new short-lived access tokens as needed?

And How is that sustanaible in combination with Google Apps Script? Since I use the refresh tokens to retrieve short-lived tokes for pushing Google sheets as CVS files to DropBox.

Greg-DB

@TStack Can you clarify what you mean by "sustainable"?

TStack

I mean is it a trusted process that can be steady for years without any disruptions? Imagine having a number of apps for customers that use Apps Script and DropBox as explained (for production), and suddenly things do no work!

Greg-DB

@TStack Yes, refresh tokens do not expire automatically, so they can be used reliably for long periods of time, even years. Be aware though that refresh tokens/access tokens can be revoked on demand by the app or user.