<?xml version="1.0" encoding="UTF-8"?>
<rss xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:taxo="http://purl.org/rss/1.0/modules/taxonomy/" version="2.0">
  <channel>
    <title>topic Uploading files to a shared folder in Dropbox API Support &amp; Feedback</title>
    <link>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/Uploading-files-to-a-shared-folder/m-p/413251#M22318</link>
    <description>&lt;P&gt;I need to upload a series of 4 files each day to a Dropbox account from my platform, using the Dropbox API.&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;These files are to be read by an external company.&amp;nbsp; The external company has a Dropbox account and my own company also has a separate Dropbox account.&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;My question is about security.&amp;nbsp; If we get an OAuth access token for the Dropbox of the external company, is is possible to limit the ability of our platform to upload to only a single folder in their Dropbox?&amp;nbsp; If the access can only be to the entire Dropbox rather than just a single folder, I would imagine that they will have security concerns in case something goes wrong with the upload script.&amp;nbsp; In other words, they wouldn't want us to have unrestricted rights on everything in their Dropbox - just those required to upload to the single folder.&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;Another way of doing this would be to create a shared folder on my company's Dropbox account which we then share with the external company.&amp;nbsp; Then I assume that I just need an OAuth key for our own account under the API.&amp;nbsp; Would this be the recommended way of doing things?&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;I hope that this makes sense.&lt;/P&gt;</description>
    <pubDate>Thu, 23 Apr 2020 10:45:52 GMT</pubDate>
    <dc:creator>evbuk1</dc:creator>
    <dc:date>2020-04-23T10:45:52Z</dc:date>
    <item>
      <title>Uploading files to a shared folder</title>
      <link>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/Uploading-files-to-a-shared-folder/m-p/413251#M22318</link>
      <description>&lt;P&gt;I need to upload a series of 4 files each day to a Dropbox account from my platform, using the Dropbox API.&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;These files are to be read by an external company.&amp;nbsp; The external company has a Dropbox account and my own company also has a separate Dropbox account.&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;My question is about security.&amp;nbsp; If we get an OAuth access token for the Dropbox of the external company, is is possible to limit the ability of our platform to upload to only a single folder in their Dropbox?&amp;nbsp; If the access can only be to the entire Dropbox rather than just a single folder, I would imagine that they will have security concerns in case something goes wrong with the upload script.&amp;nbsp; In other words, they wouldn't want us to have unrestricted rights on everything in their Dropbox - just those required to upload to the single folder.&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;Another way of doing this would be to create a shared folder on my company's Dropbox account which we then share with the external company.&amp;nbsp; Then I assume that I just need an OAuth key for our own account under the API.&amp;nbsp; Would this be the recommended way of doing things?&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;I hope that this makes sense.&lt;/P&gt;</description>
      <pubDate>Thu, 23 Apr 2020 10:45:52 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/Uploading-files-to-a-shared-folder/m-p/413251#M22318</guid>
      <dc:creator>evbuk1</dc:creator>
      <dc:date>2020-04-23T10:45:52Z</dc:date>
    </item>
    <item>
      <title>Re: Uploading files to a shared folder</title>
      <link>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/Uploading-files-to-a-shared-folder/m-p/413350#M22319</link>
      <description>&lt;P&gt;If you only need to upload the files to a single folder via the API and don't need to otherwise share the folder with others via Dropbox, the best thing to do here would be to &lt;A href="https://www.dropbox.com/developers/apps/create" target="_self"&gt;register an app&lt;/A&gt; for &lt;A href="https://www.dropbox.com/developers/reference/developer-guide#app-permissions" target="_self"&gt;the "app folder" permission&lt;/A&gt;. Access tokens for apps with this permission can only access the special "app folder" created for the app in the connected account. This&amp;nbsp;can't be set to a pre-existing folder though, nor can the special app folder be made into a shared folder, or contain or be contained in a shared folder.&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;Otherwise, the Dropbox API unfortunately doesn't offer a way to register an app or access token for access to a specific existing folder only unfortunately.&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;You could use a shared folder and connect a full&amp;nbsp;Dropbox app to your own account though, as you described, but if an app folder setup would suffice, that would be safer.&lt;/P&gt;</description>
      <pubDate>Thu, 23 Apr 2020 15:16:50 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/Uploading-files-to-a-shared-folder/m-p/413350#M22319</guid>
      <dc:creator>Greg-DB</dc:creator>
      <dc:date>2020-04-23T15:16:50Z</dc:date>
    </item>
  </channel>
</rss>

