One month down in 2025: How are your resolutions coming along? Check out how to get back on track here.
Forum Discussion
RGDev
6 years agoExplorer | Level 3
Access Token for Dropbox Business App
I'm going to develop an applcation for Dropbox for Business team. E.g. this will be a desktop application that searching content across all accounts in organization.
And I slightly confused about OAuth section parameters when creating the application.
As far as I understood, I have two options:
1. Get Access Token progammatically via "Redirect URI" when first app starting
2. Get Access Token by clicking "Generate" button (in dev console when app creating)
Eventually, I need to securelly store this Access Token and use it to connect to Dropbox team and team members.
What is options preferrable and more secure in my case (1 or 2) ? Please advise.
Yes, for "Dropbox Business API" apps, the access tokens enable access to the entire team (and in particular, Dropbox Business API apps with the "team member file access" permission can operate on specific members, using DropboxTeamClient.AsMember).
For "Dropbox API" apps, the access tokens enable access only to the individual account.
This works the same way regardless of how the access token was retrieved (i.e., OAuth flow vs. "Generate" button).
- Greg-DB
Dropbox Staff
The second option you mention, getting an access token by clicking the "Generate" button on the app's page, is only for getting an access token for your own account (i.e., the owner of the app).
If you need to allow abritrary end-users to connect their own Dropbox accounts to your app, you'll need to implement the OAuth app authorization flow. (That's the first option you mentioned, though redirect URIs aren't always required.)
I recommend reading the OAuth guide for more information. You can find the Dropbox OAuth documentation here.
- RGDevExplorer | Level 3
Thank you for quick answer.
But, it looks like the Access token that was generated by clicking "Generate" button give me access also to all Dropbox accounts in the team.
At least, DropboxTeamClient.AsMember method allows me to perform user's endpoints methods.
- Greg-DB
Dropbox Staff
Yes, for "Dropbox Business API" apps, the access tokens enable access to the entire team (and in particular, Dropbox Business API apps with the "team member file access" permission can operate on specific members, using DropboxTeamClient.AsMember).
For "Dropbox API" apps, the access tokens enable access only to the individual account.
This works the same way regardless of how the access token was retrieved (i.e., OAuth flow vs. "Generate" button).
About Dropbox API Support & Feedback
Find help with the Dropbox API from other developers.5,950 PostsLatest Activity: 14 hours ago
If you need more help you can view your support options (expected response time for an email or ticket is 24 hours), or contact us on X or Facebook.
For more info on available support options for your Dropbox plan, see this article.
If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!