You might see that the Dropbox Community team have been busy working on some major updates to the Community itself! So, here is some info on what’s changed, what’s staying the same and what you can expect from the Dropbox Community overall.
Forum Discussion
Application token key
Is it possible to get a token key only with APP_KEY and APP_SECRET without redirect_uri the authorizing URL that needes the user to open the URL in a new tab and copy-paste the code?
If not, can I ...
guymayor Здравко is correct; the Dropbox API doesn't offer a way to upload files based only on the app key and secret. The app key and secret only identify the app itself. Making changes to an account, such as uploading files, requires authorization to access that account.
The Dropbox API doesn't offer any sort of "app account" or "app storage" where you can upload files outside of any specific user account, but I'll pass this along as a feature request. I can't promise if or when that might be implemented though.
To get an access token for a specific user account for the Dropbox API you need to send the user through the OAuth app authorization flow.
Likewise, to get an access token for an entire Dropbox Business team for the Dropbox Business API you need to send a team admin through the OAuth app authorization flow. If the Dropbox Business API app is registered for the "team member file access" permission, you can then use the resulting access token to access any member's account via the "member file access" feature documented here. The individual member doesn't need to additionally authorize the app, as it's been authorized for the entire team by a team admin.
Finally, an actual Dropbox API access token does not expire by itself, but it can be revoked by the user or app at any time. Also, note that "access tokens" are not the same as "authorization codes". Authorization codes are short-lived, single-use codes that can be exchanged for an access token.
Greg-DB
Dropbox Staff
Dropbox Staffguymayor Здравко is correct; the Dropbox API doesn't offer a way to upload files based only on the app key and secret. The app key and secret only identify the app itself. Making changes to an account, such as uploading files, requires authorization to access that account.
The Dropbox API doesn't offer any sort of "app account" or "app storage" where you can upload files outside of any specific user account, but I'll pass this along as a feature request. I can't promise if or when that might be implemented though.
To get an access token for a specific user account for the Dropbox API you need to send the user through the OAuth app authorization flow.
Likewise, to get an access token for an entire Dropbox Business team for the Dropbox Business API you need to send a team admin through the OAuth app authorization flow. If the Dropbox Business API app is registered for the "team member file access" permission, you can then use the resulting access token to access any member's account via the "member file access" feature documented here. The individual member doesn't need to additionally authorize the app, as it's been authorized for the entire team by a team admin.
Finally, an actual Dropbox API access token does not expire by itself, but it can be revoked by the user or app at any time. Also, note that "access tokens" are not the same as "authorization codes". Authorization codes are short-lived, single-use codes that can be exchanged for an access token.
About Dropbox API Support & Feedback
Find help with the Dropbox API from other developers.
