Menu
What is the lifetime for an Access Token acquired through the Dropbox oAuth2 APIs?
The answer after the https://api.dropbox.com/1/oauth2/token was something like
{
"access_token": "fHUlx32x494RmgTlxWiF6pLzd5q1Lg4Itt7I6itVYDIDT",
"token_type": "bearer",
"uid": "17233223324"
}
But there's no mention of when the AT expires. If ever.
690
Dropbox access tokens are short lived, and will expire after a short period of time. The exact expiry time of a token is returned by the token endpoint (or the redirect URI in implicit grant) - but is generally long enough for a reasonable web session.
By default, access tokens are valid for 60 days and programmatic refresh tokens are valid for a year.
When you create a personal access token, we recommend that you set an expiration for your token. Upon reaching your token's expiration date, the token is automatically revoked. For more information, see "Creating a personal access token."
When the access token expires, the application will be forced to make the user sign in again, so that you as the service know the user is continually involved in re-authorizing the application.
It effectively never expires. But users can invalidate tokens by unlinking an app. (In the case of an App folder app, they can delete the app folder from their Dropbox. For all apps, they can unlink the app on dropbox.com.)
91
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
