cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Want to learn some quick and useful tips to make your day easier? Check out how Calvin uses Replay to get feedback from other teams at Dropbox here.

Dropbox API Support & Feedback

Find help with the Dropbox API from other developers.

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Why do Digital Photo Frames requires FULL READ AND WRITE access to your entire Dropbox folder?

Why do Digital Photo Frames requires FULL READ AND WRITE access to your entire Dropbox folder?

jasonblum
Explorer | Level 4

Digital Picture Frames like https://www.amazon.com/gp/product/B00MTWDG6W/ and https://www.amazon.com/gp/product/B012FRC3PA/ can automatically pull photos from your Dropbox folder.

 

...but they require FULL READ AND WRITE access to your ENTIRE Dropbox folder.  (See screengrab below)  They say this is a requirements from Dropbox's side of the API.  Does anyone know why this is the case or whether there's another frame that requires less access?  Why can't you point them at a single shared folder?  This is obviously unacceptable to anyone who uses Dropbox for more than just photos.

 

Screenshot 2017-07-26 06.56.52.png

4 Replies 4

Greg-DB
Dropbox Staff
Thanks for the post! I can't point you at any other frames in particular, but for reference on the Dropbox side of things, there are currently two different file permissions API apps can use, "Full Dropbox" and "App folder". The first offers full access to the entire Dropbox, and the second offers access to only one folder. There are advantages to each, and the developer chooses whichever they believe to be best for their app when first registering the app. Dropbox API apps are written to work with a specific permission, so it's not possible for the user to change the permission from the user-side. Likewise, there isn't a way for users to allow access to a specific existing folder only. I certainly understand why that would be preferable though, so I'm sending this along as a feature request.

For reference, there are some less obvious reasons why even simple looking apps may desire full access. For instance, app folders cannot be shared, nor can they be placed inside shared folders or contain shared folders. While this offers a higher level of restriction, simplifies the experience, and eliminates some complexities, it can also present problems with some common use cases.

For instance, some users have two (or more) Dropbox accounts, (e.g. one for personal use, one for work, etc.) However, sometimes these users will want to sync some subset of their files (e.g., important items such as a password database) between both accounts, and use shared folders to do so. This would be impossible using app folder access, significantly reducing the value of the app to the user.

Also, one method we sometimes see, although it requires extra work for the developer, and extra UI and an extra decision for the user to make, is developers registering apps for both types of access, and allowing the user to choose which they prefer. (If you wish to see this available in the apps you use, I recommend submitting feedback to the developers of those apps.)

And of course, if you ever no longer wish to use an app, you can immediately and remotely unlink it via:

https://www.dropbox.com/account/security

David B.275
New member | Level 2

It's really disappointing that you can't grant read-only permission. 

 

Giving read-only permission to all folders for an app is much safer than full read-write and there's no need for photo sharing apps to have write permissions.

 

It's really limiting and makes dropbox far less useful. I will be considering alternatives as a result of this.

Greg-DB
Dropbox Staff

@David B.275 Thanks for the feedback!

Greg-DB
Dropbox Staff

I just wanted to follow up on this to let you know that we've released "scopes" functionality on the Dropbox API, which you can use to configure an app or access token to only a limited set of functionality, such as the ability to read but not write files.

 

You can find more information about the release in our blog post here:

 

https://dropbox.tech/developers/now-available--scoped-apps-and-enhanced-permissions

Need more support?
Who's talking

Top contributors to this post

  • User avatar
    Greg-DB Dropbox Staff
  • User avatar
    David B.275 New member | Level 2
What do Dropbox user levels mean?