Dropbox API Support & Feedback
Find help with the Dropbox API from other developers.
The content you are looking for has been archived. View related content below.
Hey,
I was wondering if it is possible to access a dropbox account without the token generated in the app console.
What I mean is, can I use an api on my python script that will query an input dropbox account (and password obviously) for files and then retrieve it?
As far as i've seen, I can only connect via the token to the account that generated it.
Thank you
I think it is possible, I access to my account from the computer without any verification code, maybe if you look up in your profile page in settings > Security, there are many options to try.
@mbm123 Performing Dropbox API calls, such as to list and download files from a Dropbox account, does require an access token; they can't be performed using the account username and password directly.
@mbm123 Third party apps enable end-users to connect their Dropbox accounts by implementing the OAuth app authorization flow. This is a way for third party apps to ask the user to allow the app to access the user's account. When the user approves an app using this flow, the app is given an access token. You can find more information on how this flow works in the OAuth Guide and authorization documentation.
Thank you for the answer, but let me stress this matter just a bit more 😉
Can I do that within a hosting server?
Webpage that wraps dropbox upload download.
Nothing malicious, just for home use.
@mbm123 It's not possible to perform the entire OAuth app authorization flow within your own app only. The user needs to be sent to Dropbox to indicate to Dropbox whether or not they want to authorize the app. If they do approve it, Dropbox itself then generates the token(s).
Note though that you only need to do this once per user. The app can store and re-use the resulting access/refresh tokens without further manual interaction.
So it should be possible for me to ask a user to register with username and password, redirect it as a query for dropbox in order to generate a permanent token, save this token and use it later to download/upload files for this user?
could this operation be restricted to a specific path?
for example, if i want to share FAMILY folder from my dropbox (/FAMILY/), and do so for my other family members, they just need to "login" on my webpage with their dropbox credentials, then i do the token thing mentioned above?
@mbm123 Assuming you're referring to the username/password for your own app (that is, your app should never request or handle Dropbox username/passwords directly), yes, you can have the user log in to your own app, and then send them through the Dropbox app authorization flow to request access to their Dropbox account. Once they do so, you would use the resulting access token/optional refresh token to later make API calls for their account, such as to upload/download files.
(Note that if you only need to access your own account, you could just use your own access/refresh token instead of having each user add the shared folder to their own account and authorize the app to access their account. Note that you shouldn't expose your access/refresh token to other users though, so in this case you should make sure to only keep the token(s) on the server and not exposed to the client.)
Dropbox does not offer the ability to grant an app/access token access to specific existing folder(s) only, but I'll pass this along as a feature request. I can't promise if or when that might be implemented though.
For reference, the "Dropbox API" currently offers two levels of file access: "app folder" and "full Dropbox". Access tokens for apps with the app folder access type can only access the contents of the special app folder created for the app in the connected account. App folders can't be set to existing folders or combined with shared folders or team folders though.
Access tokens for apps with the full Dropbox access can access anything in the connected account, including shared folders. You can find more information about the different permissions here.
That's a lot of information, thank you very much, also for the initiative to forward my humble suggestion.
I will get more familiar with the api and the documentation you linked and further this discussion (or open a new thread?) once deeper questions arouse.
Thank you once again.
Hi there!
If you need more help you can view your support options (expected response time for a ticket is 24 hours), or contact us on X or Facebook.
For more info on available support options for your Dropbox plan, see this article.
If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!