You might see that the Dropbox Community team have been busy working on some major updates to the Community itself! So, here is some info on what’s changed, what’s staying the same and what you can expect from the Dropbox Community overall.

Forum Discussion

GaryH_BAR01's avatar
GaryH_BAR01
Helpful | Level 5
3 months ago

(Beginner) API to create file requests

Good afternoon, 

I am working on a project that uses Qualtrics (a web-based survey/forms) platform to create Dropbox file requests to allow the user to securely upload files to go along with their form submission to my Dropbox folder. 

 

All file requests would be from my account. 

 

While I have gotten the basics working, creating a file request via the HTTP SDK. Using the following from the API Explorer

POST /2/file_requests/create
Host: https://api.dropboxapi.com
User-Agent: api-explorer-client
Authorization: Bearer [[#TOKEN#]]
Content-Type: application/json

{
    "title": "12345678 Smith, John (App #: FA24-1234)",
    "destination": "1234 Jones_Martha OTE 1000S Student Smith_John",
    "deadline": {
        "deadline": "2024-09-25T01:00:00Z",
        "allow_late_uploads": {
            ".tag": "one_day"
        }
    },
    "open": true
}

I was able to translate it into Qualtrics' Webservices screen 

Screen Shot - Qualtrics Web Service

 

I am now stumped because I found out from Dropbox Support that the API Token that was in the Dropbox App Console are not long living and expire in short time. So, the question is how do I follow the process to authenticate which will allow the system to still create the file requests? 

 

The end users do not login to Dropbox and are not required to have a Dropbox account to submit their files. 

 

The documentation that Dropbox Support sent me (Using OAuth 2.0 with offline access - Dropbox) appears to be for requiring the user to login to Dropbox to do tasks. 

 

I hope that someone could provide a person who is new to working with APIs with some guidance and advice. 

 

Thank you in advance for your guidance. 

  • Hi GaryH_BAR01,

    Maybe a bit more simple example than the one sent to you by Dropbox support may be seen here. 😉

    Probably Dropbox support hasn't explained you very clear what  you need exactly and why. You don't need to force your end users to log in any Dropbox account or anything similar. The only one that need to get logged in is... you! 🙂 Nobody else. And all this just once; at the time you need to grant permission to your application to access... your account.

    Once you have refresh token, following all directions in the thread I linked to, the only thing you need to add in your application is the received refresh token and a bit of code the make sure your access token is not expired when you need one - i.e. you need to implement in your code only the last direction I gave there (the refresh). That's all.

    Hope this helps you.

    • GaryH_BAR01's avatar
      GaryH_BAR01
      Helpful | Level 5

      Good Morning Здравко - Some questions to make sure that I am understanding the post that you provided a link to.

       

      1) Regarding the refresh_token: does that change or is that something that I can store as a constant in my workflow for this project?

       

      2) While I was able to run the commands in a terminal window, I need to convert the refresh token statement "curl https://api.dropbox.com/oauth2/token -d grant_type=refresh_token -d refresh_token=<REF_TOKEN_HERE> -u <AppKey>:<AppSecret> " into something that can be used by the Qualtrics Web Service (format shown in original post)

       

       

      I had tried to run this and it did not work. Suggestions?

       

       

      • DB-Des's avatar
        DB-Des
        Icon for Dropbox Engineer rankDropbox Engineer

        Hi GaryH_BAR01,

         

        To add to @Здравко's suggestion: Apps can get long-term access by requesting "offline" access, this can be achieved by adding "token_access_type=offline" to the authorization URL. Keep in mind that there will need to be user interaction the first time the app is being authorized. A "refresh token" is returned in the response object, this "refresh token" can be used to retrieve new short-lived access tokens as needed, without further manual user intervention.

         

        To answer your first question, yes, the "refresh token" can be securely stored for later use; it can be re-used and doesn't expire automatically (though it can be revoked on demand).

         

        I hope this information provides more clarity!

         

        --

        [Cross-linking for reference: https://stackoverflow.com/questions/79020302/dropbox-filerequest-api-handling-token-issues-working-with-qualtrics-webserv ]

About Dropbox API Support & Feedback

Node avatar for Dropbox API Support & Feedback

Find help with the Dropbox API from other developers.

5,910 PostsLatest Activity: 4 days ago
333 Following

If you need more help you can view your support options (expected response time for an email or ticket is 24 hours), or contact us on X or Facebook.

For more info on available support options for your Dropbox plan, see this article.

If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!