How can I restrict token use to a certain domain or IP address?

HE A. · ‎08-26-2016

I'm using an access token to make calls to a single account. How can I restrict that token, so that Dropbox only accepts API calls from a certain domain or IP address?

We keep our tokens safe, but it would be good to restrict access in case the token gets stolen. This seems like a common API structure to help manage security, but I can't find the setting in Dropbox.

Thanks,

John

Greg-DB · ‎08-26-2016

Hi John, the Dropbox API doesn't offer this, but I'll be sure to pass this along as a feature request.

SandroRibeiro · ‎02-15-2020

I have that same need. I will handle very sensitive information and one of the business requirements is the restriction by IP. The implementation of this feature would certainly make me choose Dropbox.

Greg-DB · ‎02-17-2020

@SandroRibeiro Thanks for the additional feedback!

Lansend · ‎09-14-2022

This question was first asked in 2016 , and then 2020. I too now have a similar requirement. Client wants to restrict drop box access to business account to just the corporate network. In other words user cannot access from home or other location.

Greg-DB · ‎09-14-2022

@Lansend I don't have any news on this request, but thanks for the note!

How can I restrict token use to a certain domain or IP address?

How can I restrict token use to a certain domain or IP address?

Re: How can I restrict token use to a certain domain or IP address?

Re: How can I restrict token use to a certain domain or IP address?

Re: How can I restrict token use to a certain domain or IP address?

Re: How can I restrict token use to a certain domain or IP address?

Re: How can I restrict token use to a certain domain or IP address?

Top contributors to this post