You might see that the Dropbox Community team have been busy working on some major updates to the Community itself! So, here is some info on what’s changed, what’s staying the same and what you can expect from the Dropbox Community overall.
Forum Discussion
Unable to create to Dropbox App
Hi Team, I am trying to connect to the dropbox app created by Me(Team Admin role in Dropbox Enterprise/Business account), after configuring the connector in AEM DAM with correct client_id and sec...
aawasthi wrote:..., after configuring the connector in AEM DAM with correct client_id and secret I am always getting below error (Only set Individual scope):
This app has been blocked for your team. Go to the admin console to change permissions for aem-dam-app (dbaid:AACLz8mRx8VyniCGWMn24BIjzOxVrihNfeQ).
...
Hi aawasthi,
Here the error message is descriptive enough, I think. So, follow the direction provided within the message.
aawasthi wrote:...
When I extend the app to have team scope and give file permissions for read and write I do not get above error but system gives me another error as below:
com.adobe.cq.assetcompute.impl.bulkimport.directtransfer.TransferException: Error in getting blob list: REQUEST{POST https://api.dropboxapi.com/2/files/list_folder HTTP/1.1, Headers:{Content-Type=application/json}} RESPONSE{Status Code: 400, Reason Phrase: Bad Request, Response Body: Error in call to API function “files/list_folder”: This API function operates on a single Dropbox account, but the OAuth 2 access token you provided is for an entire Dropbox Business team. Since your API app key has team member file access permissions, you can operate on a team member’s Dropbox by providing the “Dropbox-API-Select-User” HTTP header or “select_user” URL parameter to specify the exact user <https://www.dropbox.com/developers/documentation/http/teams>.}
...
Here exist too some directions within the error message. Did you read the topic pointed by the link there? In the same topic is paragraph that describe access to team members files. Since here your tokens represent the team as such and not particular member only, you have to point explicitly how you want to represent access to members files (and not only) - on whos behalf. That's what "Dropbox-API-Select-User" HTTP header is for (in some cases - admin actions - "Dropbox-API-Select-Admin" may be more suitable). Something you have to set mandatory, as mentioned in the error message too, but you haven't done - the actual error. When using supported SDK, there is appropriate client method for this (read the documentation of SDK, that you use, for details). In many cases you may want to set "Dropbox-API-Path-Root" header too. It's needed when you want to access/modify not only files strictly owned by particular member (or residing within its own/private namespace) but all files in different team spaces that the member has access to - files that by default stay inaccessible.
Hope this gives direction.
Thanks Здравко for your response.
I know the message is discriptive "This app has been blocked for your team" but when i added permission in Team scope it is saying that app can not be accessed from Enterprise/Business account.
As the Connector on AEM DAM is not configurable (providing the “Dropbox-API-Select-User” HTTP header or “select_user” URL parameter to specify the exact user) would you rather recommend to setup my dropbox differently to generate a single member account client_id and secret instead of entire Dropbox Business team
aawasthi wrote:... would you rather recommend to setup my dropbox differently to generate a single member account client_id and secret instead of entire Dropbox Business team
Hm.. You can neither identify single member nor team using "client_id and secret" only!!! The "client_id" is associated to and identifies the application not any user. Here "client" means application that behaves as client to Dropbox server (client-server link), not something else (like some user working with your application). 🙂 Take care with assumptions. Secret is used to confirm application (not user) identity whenever needed (in many cases can be avoided - there is more secure way - PKCE).
Users/members/teams are identified with different token types (access token mandatory and usually refresh token too - for long term access). There are 2 ways to setup your application - personal configuration (without any team scopes and you don't need to identify the member additionally) and team configuration (you need additional header). No other way.
Something else, that may confuse you, is when you use personal configuration, you cannot add application as a team application! Did you try this when the error get up? In such a case your application can be used only private by team members only - every one on its behalf! Don't try to assign it to the entire team at once (again, it's private/personal).
Good luck.
About Dropbox API Support & Feedback
Find help with the Dropbox API from other developers.
