cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Share your feedback on the Document Scanning Experience in the Dropbox App right here.

Dropbox API Support & Feedback

Find help with the Dropbox API from other developers.

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Trouble Accessing Teams Files via Python SDK

Trouble Accessing Teams Files via Python SDK

VoroMotors
Explorer | Level 3
Go to solution

I'm creating a third party webapp to allow for us to quickly search and sort through categorized and tagged files that could be in any folder on dropbox. The process would be that the user inputs either a link to the file or the file's dropbox path, assigns the tags in the webapp, and then the webapp accesses the dropbox api, finds the file, and populates metadata for the file rather than having to write all of that individually.

 

However, I can't wrap my head around the Teams api, I'm trying to access a file, but I keep getting a bad input error:

 

Error in call to API function "files/get_metadata": This API function operates on a single Dropbox account, but the OAuth 2 access token you provided is for an entire Dropbox Business team. Since your API app key has team member file access permissions, you can operate on a team member's Dropbox by providing the "Dropbox-API-Select-User" HTTP header or "select_user" URL parameter to specify the exact user <https://www.dropbox.com/developers/documentation/http/teams>.

 

 

The thing is, looking at the documentation for `dropbox.dropbox_client.DropboxTeam()`, even if I were to find the user ID and use `as_admin()` or `as_user()`, that just returns a `dropbox.dropbox_client.Dropbox()` which was giving me file/path not found errors when I was attempting to access files in the team, as it seemed to be trying to access that account's personal dropbox rather than the team one.

 

Looking online I also found this, but it seems to be not using any SDK, and I feel I shouldn't mix the Dropbox SDK with using requests.

 

So I'm just not sure how to move forward other than just pivoting, but I feel like I shouldn't have to -- just because the files are in a team doesn't mean it should be that much more complicated to access.

 

Also as a sidenote, if there is a way to access the metadata of files given the file's ID or URL, that would be way easier for me! I couldn't find anything about that though, seems all files have to be accessed via dropbox file path.

1 Accepted Solution

Accepted Solutions

Greg-DB
Dropbox Staff
Go to solution

@VoroMotors Здравко is correct; by default, API calls operate in the "member folder" of the connected account, not the "team space", so anything not in the member folder won't be found by default. You can configure API calls to operate in the "team space" instead though. To do so, you'll need to set the "Dropbox-API-Path-Root" header. You can find information on this in the Team Files Guide that you mentioned. With the Dropbox Python SDK, the with_path_root method sets that "Dropbox-API-Path-Root" header.

 

And regarding the "This API function operates on a single Dropbox account" error, it's worth mentioning that this error message is referring to specifying what account on the team to operate on behalf of. For reference, when using any "team scopes", the resulting access token is connected to an entire Dropbox team, not an individual account. So, when using a team-scoped access token to access user-specific endpoints, such as /2/files/get_metadata, you will need to specify which member of the team you want to operate on behalf of.
 
To do this, you'd need to specify the 'Dropbox-API-Select-User' header (or 'Dropbox-API-Select-Admin' as needed/desired). The value should be the team_member_id for whichever member you wish to act on behalf of. In the Dropbox Python SDK, that's as_user (or as_admin) as you mentioned.
 
Also, note that using any team scopes means that only team admins can authorize the app. If you just want to connect to a particular account though (in which case any account can connect the app, but to their own account only), you can omit the team scopes . The access token without the team scopes will be specific to the particular account (whether on a team or not) and so will not require the additional header. You can find more information on scopes in the OAuth Guide.

View solution in original post

2 Replies 2

Здравко
Legendary | Level 20
Go to solution

Hi @VoroMotors,

As seems you have fixed your issue related to the posted error message. As you have found out you have to specify the user context behind which the action gonna proceed. All goes good till here.

Just to clarify: by default all user API calls (either direct API calls or performed through SDK) work on user folder as root. I.e. all paths specified are relative to the user folder (as you have found too). Here while for individual account the user folder coincide with account root, it's NOT the case for team account (like the one you're using). To be able reach to something outside user folder, you have to "reroot" your access (i.e. specify account root or some other namespace). Pointing another namespace, all path since then will be relative to that point. You don't need perform HTTP calls (if you don't want to), that's what SDKs are for. Particular in Dropbox Python SDK you can use with_path_root method to set new root. 😉

Hope this helps.

 

Add: In most of the cases (including when receiving metadata) wherever you use path, you can replace that path to id. Using URL directly is a bit more complicated (and restricted to some calls only), but still possible if you know what you're doing.

Greg-DB
Dropbox Staff
Go to solution

@VoroMotors Здравко is correct; by default, API calls operate in the "member folder" of the connected account, not the "team space", so anything not in the member folder won't be found by default. You can configure API calls to operate in the "team space" instead though. To do so, you'll need to set the "Dropbox-API-Path-Root" header. You can find information on this in the Team Files Guide that you mentioned. With the Dropbox Python SDK, the with_path_root method sets that "Dropbox-API-Path-Root" header.

 

And regarding the "This API function operates on a single Dropbox account" error, it's worth mentioning that this error message is referring to specifying what account on the team to operate on behalf of. For reference, when using any "team scopes", the resulting access token is connected to an entire Dropbox team, not an individual account. So, when using a team-scoped access token to access user-specific endpoints, such as /2/files/get_metadata, you will need to specify which member of the team you want to operate on behalf of.
 
To do this, you'd need to specify the 'Dropbox-API-Select-User' header (or 'Dropbox-API-Select-Admin' as needed/desired). The value should be the team_member_id for whichever member you wish to act on behalf of. In the Dropbox Python SDK, that's as_user (or as_admin) as you mentioned.
 
Also, note that using any team scopes means that only team admins can authorize the app. If you just want to connect to a particular account though (in which case any account can connect the app, but to their own account only), you can omit the team scopes . The access token without the team scopes will be specific to the particular account (whether on a team or not) and so will not require the additional header. You can find more information on scopes in the OAuth Guide.

Need more support?
Who's talking

Top contributors to this post

  • User avatar
    Greg-DB Dropbox Staff
  • User avatar
    Здравко Legendary | Level 20
What do Dropbox user levels mean?