I have been using the dropbox api and OAuth2 to let people to save and access their data from their dropbox on my app, however I have realised I may be doing something wrong with the keys I had gotten from dropbox. These keys I have hardcoded them into my app so that it knows to link to my particular dropbox API when someone tries to log into it on my app, is this the correct way or doing it? Or is the user suppose to generate a new key every time ?
Just for some background info - the user still uses their own dropbox login and password to log into their dropbox. To the best of my knowledge, the hardcoded keys function is to point to my particular dropbox API.