Today – Users’ Dropbpox access tokens – which are obtained when a user authenticates the app – are kept in my backend, linked to the authenticated user. So when a user authenticates once from any platform – he will have the same Dropbox access from any other platform or device he uses, since the access token are kept in the backend.
We want to allow each client to use the Dropbox SDK in order to communicate directly with Dropbox services where it seems fit, requiring the clients hold an use the connected user’s Dropbox access key.
We’re looking for a way to give the user a “seamless” Dropbox connection.
Is there an alternative where the user will not have to authenticate my app per device?
Can an access token be shared from one device to another?
Yes, it looks like you have the right idea. If you don’t want your users to authorize the app one per device, you can use the access token already on the server and distribute it to each of the user’s clients.
Dropbox API access tokens are not tied to specific devices or IP addresses, so you can share and re-use them across devices.
Access tokens are very sensitive though, so make sure you only transport them to authenticated parties, over secure channels.