cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Want to know what we learned at IBC? Check out our learnings on media, remote working and more right here.

Dropbox API Support & Feedback

Find help with the Dropbox API from other developers.

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Can't operate on team member's files in R (rshiny)

Can't operate on team member's files in R (rshiny)

JAMES41
Explorer | Level 3
Error in call to API function "files/get_temporary_link": This API function operates on a single Dropbox account, but the OAuth 2 access token you provided is for an entire Dropbox Business team.  Since your API app key has team member file access permissions, you can operate on a team member's Dropbox by providing the "Dropbox-API-Select-User" HTTP header or "select_user" URL parameter to specify the exact user <https://www.dropbox.com/developers/documentation/http/teams>.

I'm trying to fix this issue. But how do you provide "Dropbox-API-Select-User" HTTP header or "select_user" URL parameter here ? I tried to passed it to the URL authorize and access with /select_user/<TEAM MEMBER ID>.

 

This error raised on "drop_media" function, since authentification cannot provide Dropbox Business team access.

 

Any solution ? 

 

Thanks ! 🙂

 

 

drop_auth_RT <- function (new_user = F, key = "########", secret = "#########", cache = TRUE, rdstoken = NA) 
{
  
  if (new_user == FALSE & !is.na(rdstoken)) {
    if (file.exists(rdstoken)) {
      .dstate$token <- readRDS(rdstoken)
    }
    else {
      stop("token file not found")
    }
  }
  else {
    if (new_user && file.exists(".httr-oauth")) {
      message("Removing old credentials...")
      file.remove(".httr-oauth")
    }
    dropbox <- httr::oauth_endpoint(authorize = "https://www.dropbox.com/oauth2/authorize/?token_access_type=offline",
                                    access = "https://api.dropbox.com/oauth2/token")
    # added "?token_access_type=offline" to the "authorize" parameter so that it can return an access token as well as a refresh token
    dropbox_app <- httr::oauth_app("V1_cdv2", "#####","######")
    dropbox_token <- httr::oauth2.0_token(dropbox, dropbox_app, 
                                          cache = cache)
    
    if (!inherits(dropbox_token, "Token2.0")) {
      stop("something went wrong, try again")
    }
    .dstate$token <- dropbox_token
    
  }
}

token<-drop_auth_RT()
saveRDS(token,"token.rds")
refreshable_token<-readRDS("token.rds")

 

 

 

1 Reply 1

Greg-DB
Dropbox Staff

This error message is referring to specifying what account on the Business team to operate on behalf of. For reference, when using any "team scopes", the resulting access token is connected to an entire Dropbox Business team, not an individual account. So, when using a team-scoped access token to access user-specific endpoints, such as /2/files/get_temporary_link, you will need to specify which member of the team you want to operate on behalf of.
 
To do this, you'd need to specify the 'Dropbox-API-Select-User' header (or 'Dropbox-API-Select-Admin' as needed/desired). The value should be the team_member_id for whichever member you wish to act on behalf of. For example, you can find team member IDs by calling /2/team/members/get_info_v2 or /2/team/members/list_v2[/continue]. The header (or URL parameter) would be sent with the API request itself, not set on /oauth2/authorize.  

 

We can't provide support for rdrop2 itself, and I can't say whether or not that actually supports this functionality, as that's not made by Dropbox. You may need to refer to its documentation for more information.


Alternatively, if you just want to connect to a particular account, you can disable any team scopes and re-authorize the app to get a new refresh token/access token without them. The refresh token/access token without the team scopes will be specific to the particular account (Business or not) and so will not require the additional header. You can find more information on scopes in the OAuth Guide. If you don't need to call any team endpoints (e.g., if you just need to call individual endpoints, such as /2/files/get_temporary_link), I recommend this solution instead for simplicity and security.

Need more support?
Who's talking

Top contributors to this post

  • User avatar
    Greg-DB Dropbox Staff
What do Dropbox user levels mean?