Where to start

If you haven't already, you may want to start with the Getting Started guide here:

• https://www.dropbox.com/developers/reference/getting-started

And for information on how to have the user authorize your app so the app can access their account, check out the OAuth Guide and authorization documentation:

• https://developers.dropbox.com/oauth-guide
• https://www.dropbox.com/developers/documentation/http/documentation#authorization

For information on ways to automatically detect changes as they occur, read the Detecting Changes Guide:

• https://developers.dropbox.com/detecting-changes-guide

And for guidance on how to interact with the filesystem, refer to the File Access Guide:

• https://developers.dropbox.com/dbx-file-access-guide

By the way, we recommend using one one of the official SDKs, if possible. For example, we offer an official SDK for .NET:

• https://github.com/dropbox/dropbox-sdk-dotnet

Be sure to refer to the SDK documentation/examples as well if you are using one.

Hope this helps!

@Greg-DB

Thank you for your response, I had seen most of the documents you mentioned, i'll make my questions slightly more specific as they were sort of hidden in the story.

The most important part (at this stage as I can guess the answer to some of my more basic questions like 'is there a client library for angular?) is: As stated in my original question we run a multi-tenant system, which means every customer runs on his own sub-domain. This is always an issue with OAUTH2 redirect urls, I saw a request for support of wildcard-domains back in 2015 with a response (by you) but can't find anything else about it. Do you have an idea how to get around this?

Another route i was thinking of is to let the end user create a shared folder and copy the url into our system, this would negate the requirement for the login, but it would require us to be able to:

1. Mount a shared folder using the API.

2. List files in the shared folder.

3. Rename files in the shared folder.

4. Place a file into the shared folder

Although it feels logical that this should be possible i find it difficult to work out from the documents if this is the case.

Could you maybe let me know if you think each of the above actions would be possible using the API when you just recieve a shared link? 

Dropbox still doesn't support wildcards in OAuth 2 redirect URIs. One workaround to this is to instead use one static redirect URI (say, on a particular non-changing domain you control), but encode the necessary information (such as the changing domain) in the 'state' parameter, and decode it as necessary after the redirect back to your app, to handle it as necessary (e.g., to then redirect to the specific domain as needed). You can find more information on the different parameters in the documentation.

Alternatively, since an OAuth 2 redirect URI isn't actually required (as long as you use 'response_type=code', which you should), you can omit the 'redirect_uri' entirely. In that case, the user is presented with an authorization code that they would copy/paste into the app to finish the flow instead.

For the other route you mentioned, the Dropbox API does offer the ability to perform all of the operations you listed (mount, list, move/rename, and upload) in a connected account, but it's not really designed to combine the two types of sharing you mentioned. That is, when the user creates a shared folder, that is distinct from creating a shared link. A shared link itself does not enable you to join or identify a shared folder.