You might see that the Dropbox Community team have been busy working on some major updates to the Community itself! So, here is some info on what’s changed, what’s staying the same and what you can expect from the Dropbox Community overall.

Forum Discussion

PalsNaveen's avatar
PalsNaveen
Explorer | Level 3
7 years ago

Not display dropbox authentication screen from Mobile app

We have a mobile app that's used by multiple organizations. a feature on the mobile app requires users to upload images to their Dropbox account, all organization have their own Dropbox account.

To make an upload API call to i will need an access token and to get 1 I will be redirected to Dropbox login screen correct? Do I have an option where I can pass the user credentials or API key in the upload API and not need my app to redirect to Dropbox login screen? The mobile app will store the dropbox credentials or API key in the settings.

 

  • Greg-DB's avatar
    Greg-DB
    Icon for Dropbox Staff rankDropbox Staff

    In order to get an access token for a user, your app must send them through the OAuth app authorization flow.

    Your app should never request or handle the user's actual Dropbox credentials (username/password). The Dropbox API does not offer a way for your app to get an access token directly from their credentials or an app key.

    Once your app gets an access token via the OAuth app authorization flow though, it can store and re-use the access token for future use without further manual user intervention.

    • PalsNaveen's avatar
      PalsNaveen
      Explorer | Level 3

      Greg, Thanks for a quick response. 

      If we have an API that calls the Dropbox API. I will not be using authorization flow right? What will I need to pass for authentication or Authorization then? Will there be a redirection to login screen here?

      to clarify, Mobile app calls our API which in turn calls Dropbox API.

      • Greg-DB's avatar
        Greg-DB
        Icon for Dropbox Staff rankDropbox Staff

        Regardless of how your client/server is set up, the end-user will need to be sent through the Dropbox OAuth app authorization flow to authorize the app to access their account. This only needs to be done once per user. Once you have the access token for that user, you supply it in the "Authorization" header as "Bearer ACCESS_TOKEN_HERE" when making Dropbox API calls. I recommend reviewing the OAuth documentation and guide for more information. 

        Where in your app you implement this is up to you, based on what makes sense for your app. I do recommend using one of the official SDKs, if possible, as they will do a lot of the work for you. (One note though: processing this inside a web view is not allowed; use the system browser.)