Your workflow is unique 👨‍💻 -  tell us how you use Dropbox here.

Forum Discussion

Panayotis V.1's avatar
Panayotis V.1
New member | Level 1
9 years ago

Authentication for command line app

I'm writing an app in Python, that needs to access the Dropbox APIv2. However, if I follow the typical OAuth flow for user authentication, I will have to include my APP_KEY and APP_SECRET in the sour...
API
Greg-DB's avatar
Greg-DB
Icon for Dropbox Community Moderator rankDropbox Community Moderator
9 years ago

This is a general problem with using OAuth in client-side applications, since client-side apps like this can't keep secrets. OAuth 2 addresses this with the "token" or "implicit" flow. When using the token flow (as opposed to the "code" flow), the app doesn't need the app secret to get an access token for the user. You can find more information on the different flows in the documentation here:

https://www.dropbox.com/developers/documentation/http/documentation#authorization

For a client-side app like this, you should use the token flow. Also, you didn't mention if you're using it, but for reference, the official Dropbox Python SDK is mainly meant for server-side apps, where the secret can be kept secret, so it doesn't support the token flow.

About Dropbox API Support and Feedback

Node avatar for Dropbox API Support and Feedback
Get help with the Dropbox API from fellow developers and experts.

The Dropbox Community team is active from Monday to Friday. We try to respond to you as soon as we can, usually within 2 hours.

If you need more help you can view your support options (expected response time for an email or ticket is 24 hours), or contact us on X, Facebook or Instagram.

For more info on available support options for your Dropbox plan, see this article.

If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!