如何撤销为 Dropbox 应用程序生成的访问令牌?
How do I revoke generated access tokens for Dropbox applications?
我在测试期间生成了(通过网络手动 UI)多个访问令牌,并且所有这些似乎都有效。我可能也生成了一些,但实际上并没有在任何地方记录下来。
我如何:
a) 列出访问令牌
b) remove/revoke 不需要的访问令牌
我看过这里:www.dropbox.com/account/security,我可以看到列出了我的应用程序,但没有提及访问令牌。我不想删除整个应用程序,只是删除它的一些访问令牌。
相关应用具有 "App folder" 访问权限,这意味着它只能访问一个特定文件夹(和子文件夹)。
注意:当我说 "all seem valid" - 我的意思是每个令牌都可以成功地用于在特定应用程序文件夹上执行操作。
根据 Dropbox 论坛:
a) The Dropbox web site/API don't offer a way to list individual
access tokens.
b) There are several ways to revoke access tokens.
The user can revoke all access tokens for an app via the account
security page by clicking the 'x' at the right of the app's row. This
will revoke all access tokens for that app-user pair though, and
doesn't offer a way to revoke specific/individual ones.
If the app
uses the "app folder" permission, the user can delete the app folder
itself, which will cause any further API calls for that app-user pair
to fail.
The app can revoke individual access tokens using the
/2/auth/token/revoke API endpoint. That will revoke only the
individual access token used to make the call itself. You can use it
multiple times to revoke any/all access tokens you have.
我在测试期间生成了(通过网络手动 UI)多个访问令牌,并且所有这些似乎都有效。我可能也生成了一些,但实际上并没有在任何地方记录下来。
我如何: a) 列出访问令牌 b) remove/revoke 不需要的访问令牌
我看过这里:www.dropbox.com/account/security,我可以看到列出了我的应用程序,但没有提及访问令牌。我不想删除整个应用程序,只是删除它的一些访问令牌。
相关应用具有 "App folder" 访问权限,这意味着它只能访问一个特定文件夹(和子文件夹)。
注意:当我说 "all seem valid" - 我的意思是每个令牌都可以成功地用于在特定应用程序文件夹上执行操作。
根据 Dropbox 论坛:
a) The Dropbox web site/API don't offer a way to list individual access tokens.
b) There are several ways to revoke access tokens.
The user can revoke all access tokens for an app via the account security page by clicking the 'x' at the right of the app's row. This will revoke all access tokens for that app-user pair though, and doesn't offer a way to revoke specific/individual ones.
If the app uses the "app folder" permission, the user can delete the app folder itself, which will cause any further API calls for that app-user pair to fail.
The app can revoke individual access tokens using the /2/auth/token/revoke API endpoint. That will revoke only the individual access token used to make the call itself. You can use it multiple times to revoke any/all access tokens you have.