How to logout a user using Box V2 iOS SDK

Question

In the V1 iOS SDK it was possible to logout the current user as follows:

 [Box logoutWithCallbacks:^(id <BoxOperationCallbacks> on)
 {
     on.after(^(BoxCallbackResponse response)
              {
              });
 }];

How is it done using the V2 SDK?

rmaddy · Accepted Answer · 2013-11-25T18:02:40.907

3

Here's what I do:

BoxSDK *sdk = ... // a reference to the BoxSDK for the user
sdk.OAuth2Session.accessToken = @"INVALID_TOKEN";
sdk.OAuth2Session.refreshToken = @"INVALID_TOKEN";

That's it. The next time you try to do anything with the user's session you will be forced to log in again.

Update - you can see this in action in the Box sample app at https://github.com/box/box-ios-sdk-sample-app. Look at the BoxFolderViewController.m file.

edited Nov 25 '13 at 18:02

answered Nov 25 '13 at 17:54

rmaddy

314,917
42
532
579

Note that this does NOT revoke the OAuth2 tokens on the server, it only removes your app's reference to them. Adding a logout+revoke to BoxOAuth2Session is something we'd like to add to the SDK. We're tracking it here: https://github.com/box/box-ios-sdk-v2/issues/65 – Ryan Lopopolo Jan 13 '14 at 05:28
I'm having a problem with this. I want to be able to distinguish when a user's account is not logged in, and when a file download fails for another reason (e.g. file was deleted). I use sdk.OAuth2Session.isAuthorized for the former check, and the failure block in downloadFileWithId for the latter. However, after I "log out" as shown above, isAuthorized continues to return true, so now, my code thinks the file download failed because something else was wrong. – Rob Mar 27 '14 at 21:09
To work around the issue I describe above, I now use the following check (sdk.OAuth2Session.isAuthorized && ![sdk.OAuth2Session.accessToken isEqualToString:@"INVALID_TOKEN"]). I'm not sure if this is the best approach but it seems works so far. @RyanLopopolo, is there a better way to check for this? Also, thank your for your work with this SDK! – Rob Mar 27 '14 at 21:10
sdk.OAuth2Session.isAuthorized compares the current time stamp to the expiration timestamp of the OAuth2 tokens returned during the last token refresh. If you are mucking around with OAuth2Session state, you should not expect this call to be accurate. The isAuthorized call is *already* inaccurate because OAuth2 tokens can be revoked externally by users and admins via the API and web application. – Ryan Lopopolo Mar 29 '14 at 00:58

score 1 · Answer 2 · edited Oct 31 '14 at 04:38

1

This is how to logout correctly

[BoxSDK sharedSDK].OAuth2Session.accessToken = nil;
[BoxSDK sharedSDK].OAuth2Session.refreshToken = nil;

edited Oct 31 '14 at 04:38

Will

1,697
17
34

answered Apr 03 '14 at 18:09

Igor Tudoran

11
3

score 1 · Answer 3 · answered Nov 03 '16 at 22:51

1

This is how it's done with the latest SDK from https://github.com/box/box-ios-sdk

[BOXContentClient logOutAll];

answered Nov 03 '16 at 22:51

gregyoung14

347
3
8

score 0 · Answer 4 · answered Aug 12 '20 at 07:06

0

swift version answer for logout box sdk session *

   boxClient.destroy { (res) in
                
   }
   boxClient = nil

answered Aug 12 '20 at 07:06

Jagveer Singh

2,258
19
34

How to logout a user using Box V2 iOS SDK

4 Answers4