Discuss Dropbox Developer & API
The content you are looking for has been archived. View related content below.
Is this possible?
We want users of our software to be able to upload diagnostic information (logs etc) to our Dropbox simply - eg by clicking a button in our software - so that we an use that information to help them. I wouldn't have thought this would be that unusual an idea.
I'm not sure that's something that the API/authentication system is set up to allow, but I may be missing something.
We don't want users to have to have their own Dropbox accounts, and we don't want to be putting full-access authentication keys into our software that could be used to download other users' logs. So, we'd want an 'upload only' authentication method, but I can't see that that's possible at the moment.
Is that correct that it's not really feasible, or is there some way to do this?
The 'File Request' system (not API) looked like it may be helpful, but I can't see any way to automate the uploads to that.
The only way I've thought around this would be for our software to upload the data to our website first, and then for our website to upload to Dropbox (because it's OK to store the authentication details on our webserver where users don't have access). But, that seems overly complicated for something that should really be straightforward.
The API was designed with the intention that each user would link their own Dropbox account, in order to interact with their own files. However, it is technically possible to connect to just one account. The SDKs don't offer explicit support for it and we don't recommend doing so, for various technical and security reasons. It sounds like you already have a good idea of the risks with doing so, i.e., a malicious user could extract the access token and read other files, etc. Routing this through your own server as you mentioned would be a workaround for this.
I'll send this along as a feature request for a safe way to do this directly, but I can't promise if or when this would be implemented.
The API was designed with the intention that each user would link their own Dropbox account, in order to interact with their own files. However, it is technically possible to connect to just one account. The SDKs don't offer explicit support for it and we don't recommend doing so, for various technical and security reasons. It sounds like you already have a good idea of the risks with doing so, i.e., a malicious user could extract the access token and read other files, etc. Routing this through your own server as you mentioned would be a workaround for this.
I'll send this along as a feature request for a safe way to do this directly, but I can't promise if or when this would be implemented.
Thanks. That's what I suspected.
It would be nice if there was 'anonymous upload' type functionality - even if it's just based off the 'request files' function which seems to be almost what is needed - if only the uploads could be automated using the request URL.
Thanks for the feedback!
By the way, I should also mention the /2/files/get_temporary_upload_link functionality. That would still require you to use your own server to make the API call itself, as it requires an access token, but it would at least enable the client to then upload directly to Dropbox without sending the data through your server. (Note that it's still only in preview though.)
Hi there!
If you need more help you can view your support options (expected response time for a ticket is 24 hours), or contact us on X or Facebook.
For more info on available support options for your Dropbox plan, see this article.
If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!