How can I restrict token use to a certain domain or IP address?

Question

I'm using an access token to make calls to a single account. How can I restrict that token, so that Dropbox only accepts API calls from a certain domain or IP address?
We keep our tokens safe, but it would be good to restrict access in case the token gets stolen. This seems like a common API structure to help manage security, but I can't find the setting in Dropbox.
Thanks,
John

Greg-DB · Answer

Hi John, the&nbsp;Dropbox API doesn't offer this,&nbsp;but I'll be sure to pass this along as a feature request.&nbsp;

SandroRibeiro · Answer

I have that same need. I will handle very sensitive information and one of the business requirements is the restriction by IP. The implementation of this feature would certainly make me choose Dropbox.

Greg-DB · Answer

SandroRibeiro&nbsp;Thanks for the additional feedback!

Lansend · Answer

This question was first asked in 2016 , and then 2020. I too now have a similar requirement. Client wants to restrict drop box access to business account to just the corporate network. In other words user cannot access from home or other location.

Greg-DB · Answer

Lansend&nbsp;I don't have any news on this request, but thanks for the note!&nbsp;

Forum Discussion

How can I restrict token use to a certain domain or IP address?

5 Replies

About Dropbox API Support and Feedback

Related Content

video length restriction?

Can’t share file Sharing is restricted

Restrict access to content. How?

Cookie settings - restricting live chat options

"Restricted Content" Error

Recent Discussions

Classic ASP read folder for https file links.

Can't upload branding logo for app

Failed to Load Request Error when using Chooser API

list_folder is not returning media info

Receiving errors from Dropbox API