cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Share your feedback on the Document Scanning Experience in the Dropbox App right here.

Discuss Dropbox Developer & API

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Simple Web App for getting info about a Dropbox Folder Content or File but Authorisation says NO??

Simple Web App for getting info about a Dropbox Folder Content or File but Authorisation says NO??

eni8ma
Explorer | Level 4

Hey there all!

I am quite new to all this. However I have working on a Webflow site that uses xano for the database and wized to run API calls and javascript functionality. 

I am on a Business Plus Account

 

So I was very excited that I could use API calls such as 2/files/list_folder to get a list of content within a directory. I was generating the token and found it strange that I had to keep renewing it but after a quick search I did see you could resolve this.

However now I am actually to implement this and its very difficult for starters but looks its made to prevent my use case since it requires the user to authenticate itself through Dropbox website.

Now as mentioned this is a team space and this is an internal web app. I would ideally like to have the authorisation done in the backend. Not pushing the user to authenticate themselves to see the contents of the files through my web app. 

I am happy to use any method that would enable this. I did see something about 'offline' access but I dont fully understand this. Could anyone please point me towards the right direction?

Kind regards

16 Replies 16

Greg-DB
Dropbox Staff

@eni8ma A "Basic" value used in the "Authorization" header corresponds to "App Authentication". A "Bearer" value used in the "Authorization" header corresponds to "User Authentication" (or "Team Authentication").

 

User (or Team) Authentication are used to access a specific user account (or team).

 

App Authentication is used by certain endpoints/use cases where a specific account/team is not needed, and so this only involves authenticating the app itself. This only uses the app key/secret, not an access token, and so does not expire and does not need to be refreshed.

 

You can see which authentication type(s) any given endpoint supports in the documentation.

Здравко
Legendary | Level 20

@eni8ma, don't mess different authentication types!

If you need to manage public data (like shared link and files etc) then basic authentication is enough. If you need to manage account specific data, you need bearer authentication!

Note: Basic authentication authenticates your application only, while bearer - authenticates the user. So you CANNOT do anything user related (including any file/folder direct access) without bearer authentication.

Hope it's a bit more clear now.

eni8ma
Explorer | Level 4

Ok so I think I understand this

Bear Authentication to access user specific folders (which I don't need to)
App Authentication to access team spaces. (which I do want to access)

So in my workspace I have a team space folder which has multiple folders, these folders have been shared and I want to list these directories via the API call. 


What I was doing before is using bearer but then accessing the root folder of the shared workspace, which am guessing is not right method and I should be using the App authentication?

Regards 


Здравко
Legendary | Level 20

Hmm... :thinking_face: Are your team data public??...

Sarcasm... of course...:slightly_smiling_face:

eni8ma
Explorer | Level 4

CleanShot 2024-05-17 at 15.31.27@2x.png

It's available in everyone in the group and folders inside have been shared with a sharable link.

Здравко
Legendary | Level 20

@eni8ma wrote:

...
It's available in everyone in the group and folders inside have been shared ...


Can I access this group data? :thinking_face: If you need to manage something non accessible with public link, you need bearer authentication. If you only need access link pointed data (link created in advance), then basic is enough. :winking_face:

 

PS: It doesn't matter where data reside in.

eni8ma
Explorer | Level 4

Ok understood thanks, I will need to think this through I appreciate the help! 

Need more support?
Who's talking

Top contributors to this post

  • User avatar
    eni8ma Explorer | Level 4
  • User avatar
    Здравко Legendary | Level 20
What do Dropbox user levels mean?