Child Item

Permanent Token?

I'm really just double checking here... because it looks like DB is moving to the refresh-token model, and this is not robust enough for what I want to do.

We are trying to use Dropbox to upload files from a series of unattended test systems. (Well, they are attended, but mainly by operators with with no authority). We will have an engineer on site, but we want as minimal interaction as possible.

This means I would like to have a permanent token for a specific area within DB that we can upload and and download files by these automated systems.

Just to head off questions about it... these will be running in a la in a foreign country, and there will be minimal access. So if DB cannot provide this type of access, then we will have to find another service.

Find more posts tagged with

Developers

Accepted answers

Здравко

@ultralame wrote:
...
This means I would like to have a permanent token for a specific area within DB that we can upload and and download files by these automated systems.
...

The refresh token is permanent (if not intentionally revoked or until revoke). About the "specific area": application folder access (instead of full access), doesn't it cover your expectations?

All comments

Здравко

@ultralame wrote:
...
This means I would like to have a permanent token for a specific area within DB that we can upload and and download files by these automated systems.
...

The refresh token is permanent (if not intentionally revoked or until revoke). About the "specific area": application folder access (instead of full access), doesn't it cover your expectations?

ultralame

Wait, the refresh token doesn't expire?

So I can exchange the static refresh token for a new token each time I run? I am deploying this to a couple dozen autonomous systems. I need to be able to do this knowing that the token is basically permanent until I revoke it.

Здравко

@ultralame wrote:
Wait, the refresh token doesn't expire?
...

Exactly. Or least to a moment (if any) when application itself revoke it or user, who granted access, revokes it.

@ultralame wrote:
...
So I can exchange the static refresh token for a new token each time I run? I am deploying this to a couple dozen autonomous systems. I need to be able to do this knowing that the token is basically permanent until I revoke it.

Take a look here for an example how all tokens can be "produced" and access token got "refreshed" using refresh token whenever needed. If you are using some supported SDK, usually refreshing is performed in the SDK on demand (function/method call) automatically (without you do anything in addition).

ultralame

OK, Looks like I made the refresh token work, and obtained one.

I'll test and see if this works for me. Thank you!