Forum Discussion

thbar's avatar
thbar
Helpful | Level 5
8 years ago
Solved

Cannot find a way to have a restricted API access to a team-shared folder

Hello, I have an accounting system for which we'd like to leverage our Dropbox Business subscription. What I need is a Dropbox folder, shared with specific members only, and a way to create a Dropb...
API
  • thbar's avatar
    thbar
    8 years ago

    Ultimately it worked out fine. I indeed used the trick in point #3, then:

    - POST /2/users/get_current_account (with an auth token for the restricted user) then fetch root_info/root_namespace_id

    - from there, add the header:

    Dropbox-Api-Path-Root set to {".tag": "namespace_id", "namespace_id": the_root_namespace_id}

    - fetch using /2/files/list_folder (and continue version)

    This allows restricted access to a team-shared folder.

    Now a word of feedback: I really hope in the future it will be possible to avoid the creation of a specific user & restrictions, and instead have Dropbox provide an additional level of access (instead of Full Dropbox vs. User-Specific-Folder) to allow access to a restricted list of folders.

    In all cases, thanks for your help, which put me on good track!

    -- Thibaut

thbar's avatar
thbar
Helpful | Level 5
8 years ago

Hello Chuck,

> When you say the app can only see it's own documents and not the company (team) shared folder for #3 do you mean, literally the listing does not contain ANY team folder content at all? As if it didn't exist?

It's exactly that. It can see its own documents (currently "get started with dropbox pdf"), and nothing else.

Thanks for your quick feedback, I'm diving into the namespacing documentation & playing around with the PAW API client, to see if I can figure out how to get what I need here.

Will report back :-) 

-- Thibaut

chirstius's avatar
chirstius
Icon for Dropbox Staff rankDropbox Staff
8 years ago

Sounds like that might be the case then. If you have additional questions just post them back, but once you get the root namespace, and add the path root header to your requests, I think you'll be in a good place.

Good luck!

-Chuck

  • thbar's avatar
    thbar
    Helpful | Level 5
    8 years ago

    Ultimately it worked out fine. I indeed used the trick in point #3, then:

    - POST /2/users/get_current_account (with an auth token for the restricted user) then fetch root_info/root_namespace_id

    - from there, add the header:

    Dropbox-Api-Path-Root set to {".tag": "namespace_id", "namespace_id": the_root_namespace_id}

    - fetch using /2/files/list_folder (and continue version)

    This allows restricted access to a team-shared folder.

    Now a word of feedback: I really hope in the future it will be possible to avoid the creation of a specific user & restrictions, and instead have Dropbox provide an additional level of access (instead of Full Dropbox vs. User-Specific-Folder) to allow access to a restricted list of folders.

    In all cases, thanks for your help, which put me on good track!

    -- Thibaut

    • Greg-DB's avatar
      Greg-DB
      Icon for Dropbox Community Moderator rankDropbox Community Moderator
      8 years ago

      I'm glad to hear you got this working. I've sent this along as a feature request for a way to restrict access to specified paths only. Thanks!

About Dropbox API Support & Feedback

Node avatar for Dropbox API Support & Feedback
Find help with the Dropbox API from other developers.

The Dropbox Community team is active from Monday to Friday. We try to respond to you as soon as we can, usually within 2 hours.

If you need more help you can view your support options (expected response time for an email or ticket is 24 hours), or contact us on X, Facebook or Instagram.

For more info on available support options for your Dropbox plan, see this article.

If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!