We’re Still Here to Help (Even Over the Holidays!) - find out more here.
Forum Discussion
Solved
Application token key
Is it possible to get a token key only with APP_KEY and APP_SECRET without redirect_uri the authorizing URL that needes the user to open the URL in a new tab and copy-paste the code?
If not, can I ...
guymayor Здравко is correct; the Dropbox API doesn't offer a way to upload files based only on the app key and secret. The app key and secret only identify the app itself. Making changes to an account, such as uploading files, requires authorization to access that account.
The Dropbox API doesn't offer any sort of "app account" or "app storage" where you can upload files outside of any specific user account, but I'll pass this along as a feature request. I can't promise if or when that might be implemented though.
To get an access token for a specific user account for the Dropbox API you need to send the user through the OAuth app authorization flow.
Likewise, to get an access token for an entire Dropbox Business team for the Dropbox Business API you need to send a team admin through the OAuth app authorization flow. If the Dropbox Business API app is registered for the "team member file access" permission, you can then use the resulting access token to access any member's account via the "member file access" feature documented here. The individual member doesn't need to additionally authorize the app, as it's been authorized for the entire team by a team admin.
Finally, an actual Dropbox API access token does not expire by itself, but it can be revoked by the user or app at any time. Also, note that "access tokens" are not the same as "authorization codes". Authorization codes are short-lived, single-use codes that can be exchanged for an access token.
I'm not sure what you really ask. Dropbox authorization is based on token keys, so such key is something mandatory.
I'll rephrase the question,
Is it possible to use API methods that support Dropbox-API-Select-Admin header as authentication like files-upload with a token key that being generated only by app_ket and app_secert (without user approval)
:grinning::slight_smile: Read more carefully files-upload info, you have referred above. Is there any info about using this API point without token (what info will be accessed in such case)?! :thinking: Read again, more carefully, my first post in this thread. :wink:
I'm not sying access without a token, I just want to get a token without a user approval
I'm not sying access without a token, I just want to get a token without a user approval
No way.
If you install a mail application, for example, is there a way this app can access your mailbox without your consent?! :grin: Would you be glad in such a situation?!
About Dropbox API Support & Feedback
Find help with the Dropbox API from other developers.
