FrustratedUser3 Helpful | Level 6

Of course not, lol. I should have clarified. Sorry about that. Dropbox search is a unreliable at best. My org basically doesn't use it anymore. We index the files through the API, which works 10000x better.

Is there some reason you guys always send the answers to people via email instead of posting the solutions on the forum? It is ridiculous that I have the same question, but now I have to wait for support to send me the answer that was already given to someone else.

The oauth2 guide does not make that clear, but you're right. I added redirect_uri to the parameters as follows: if(isset($code)) { $data[] = "grant_type=authorization_code"; $data[] = "code={$code}"; $data[] = "redirect_uri={$this->cfg->get("siteUrl")}/api/v1/Dropbox/Oauth2";} else { $data[] = "grant_type=refresh_token";…

I was pointing out that the documentation is incomplete. The state variable is mentioned, the code variable is implied, and the http VERB is not referenced. This needs to be added to the documentation: After the user presses allow during the code flow process, the browser sends a request to the redirect URI using the GET…

It's not clear from your response if the sdk stores the token in CoreData, memory, or somewhere else. The documentation does not mention the storage location either. Please explain how the token storage works and how the app gains access to the token if the app has been killed, removed, reinstalled, etc. These details…

When you run the script, a link is provided to you via the console, which you have to paste into a browser window. Once you go to the link, a code is provided. That code is the auth_code, which has to be pasted into the console to finish the authentication sequence.

Thanks for the reply. I am looking through the links you provided to learn more. Do you happen to know if there are any examples of how to integrate the SDK(s) in a React Native app?

It looks like some of the documentation has been updated, but I didn't see anything in the Oauth guide, which would be the best place to explain the process. I've been asked a few times about how to fix this in code and the solution is really straight forward to explain via the code itself. Go here to see a PKCE…

The documentation really should address these issues. It is not obvious how the refresh mechanism works and a few sentences would prevent a lot of confusion. The code example could use a comment as well for the same reason. "Refresh tokens can be used multiple times to create new tokens." More explanation would be much…

Got it. Thanks. Do you happen to know where I can read about this in the documentation? I can't find the information you're explaining and I'm not sure how the SDK stores the token or if it's safe. Does it put the token in a plaintext file on the disk somewhere?

Thanks for the response. Just to be sure I'm understanding: * I need to store the refresh token from the original authentication call. * When the access token expires, the original refresh token can be used to generate a new access token. Is that correct? Also, what happens if you lose the refresh token? It doesn't make a…