cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Community
English
Announcements
What’s new: end-to-end encryption, Replay and Dash updates. Find out more about these updates, new features and more here.

Dropbox API Support & Feedback

Find help with the Dropbox API from other developers.

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Re: Not display dropbox authentication screen from Mobile app

Labels:

Not display dropbox authentication screen from Mobile app

PalsNaveen
Explorer | Level 3
‎12-12-2018 07:30 AM

We have a mobile app that's used by multiple organizations. a feature on the mobile app requires users to upload images to their Dropbox account, all organization have their own Dropbox account.

To make an upload API call to i will need an access token and to get 1 I will be redirected to Dropbox login screen correct? Do I have an option where I can pass the user credentials or API key in the upload API and not need my app to redirect to Dropbox login screen? The mobile app will store the dropbox credentials or API key in the settings.

 

Labels:
  • 0 Likes
  • 5 Replies
  • 1,267 Views
0 Likes
5 Replies 5

Greg-DB
Dropbox Staff
‎12-12-2018 08:54 AM

In order to get an access token for a user, your app must send them through the OAuth app authorization flow.

Your app should never request or handle the user's actual Dropbox credentials (username/password). The Dropbox API does not offer a way for your app to get an access token directly from their credentials or an app key.

Once your app gets an access token via the OAuth app authorization flow though, it can store and re-use the access token for future use without further manual user intervention.

0 Likes

PalsNaveen
Explorer | Level 3
‎12-12-2018 10:15 AM

Greg, Thanks for a quick response. 

If we have an API that calls the Dropbox API. I will not be using authorization flow right? What will I need to pass for authentication or Authorization then? Will there be a redirection to login screen here?

to clarify, Mobile app calls our API which in turn calls Dropbox API.

0 Likes

Greg-DB
Dropbox Staff
‎12-12-2018 10:27 AM

Regardless of how your client/server is set up, the end-user will need to be sent through the Dropbox OAuth app authorization flow to authorize the app to access their account. This only needs to be done once per user. Once you have the access token for that user, you supply it in the "Authorization" header as "Bearer ACCESS_TOKEN_HERE" when making Dropbox API calls. I recommend reviewing the OAuth documentation and guide for more information. 

Where in your app you implement this is up to you, based on what makes sense for your app. I do recommend using one of the official SDKs, if possible, as they will do a lot of the work for you. (One note though: processing this inside a web view is not allowed; use the system browser.)

0 Likes

PalsNaveen
Explorer | Level 3
‎12-12-2018 09:02 PM

Greg, do the APIs support something like "Client credentials grant" which is basically used for machine-to-machine authentication? 

0 Likes

Greg-DB
Dropbox Staff
‎12-13-2018 09:14 AM

No, the Dropbox API only supports the code and implicit grants.

0 Likes
Need more support?