Security [SOLVED]: Using Dropbox access token from multiple devices

Security [SOLVED]: Using Dropbox access token from multiple devices

Home Forums Security Security [SOLVED]: Using Dropbox access token from multiple devices

Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • #36746

    Anonymous

    QuestionQuestion

    Today – Users’ Dropbpox access tokens – which are obtained when a user authenticates the app – are kept in my backend, linked to the authenticated user. So when a user authenticates once from any platform – he will have the same Dropbox access from any other platform or device he uses, since the access token are kept in the backend.

    We want to allow each client to use the Dropbox SDK in order to communicate directly with Dropbox services where it seems fit, requiring the clients hold an use the connected user’s Dropbox access key.

    We’re looking for a way to give the user a “seamless” Dropbox connection.

    • Is there an alternative where the user will not have to authenticate my app per device?
    • Can an access token be shared from one device to another?

    #36747

    Anonymous

    Accepted AnswerAnswer

    Yes, it looks like you have the right idea. If you don’t want your users to authorize the app one per device, you can use the access token already on the server and distribute it to each of the user’s clients.

    Dropbox API access tokens are not tied to specific devices or IP addresses, so you can share and re-use them across devices.

    Access tokens are very sensitive though, so make sure you only transport them to authenticated parties, over secure channels.

    Source: https://stackoverflow.com/questions/47952333/using-dropbox-access-token-from-multiple-devices
    Author: Greg
    Creative Commons License
    This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.

Viewing 2 posts - 1 through 2 (of 2 total)

You must be logged in to reply to this topic.