You might see that the Dropbox Community team have been busy working on some major updates to the Community itself! So, here is some info on what’s changed, what’s staying the same and what you can expect from the Dropbox Community overall.

Forum Discussion

kenf999's avatar
kenf999
New member | Level 2
2 years ago

App

I have a Dropbox App in development.  It needs to upload and download files for a given client account.  This account is not my account that files are being uploaded and dowloaded to, it's the client(s) account.  I see that if the App is in production a Dropbox user can give access to the App.   However, as stated, my App is in dev.  To go into production Dropbox says I need 50 users.  So, given this information, how can I allow my client to allow my App access to their account to upload and download files.  I need full control or near full control because my client is expecting files to be in folders that they specify i.e., they have a naming convention for where the files are.  How can my client gain access to my App in dev and how can my App have the required functionality stated.

  • When using the Dropbox OAuth app authorization flow, the resulting access token (and refresh token, if requested) will be connected to whichever account was signed in and authorized the app during the app authorization flow. Any API calls made with that access token will be made for that particular account.

     

    So, when you process the app authorization flow while signed in to your account, the app receives an access token for your account. To get an access token for your client's account, they should process the app authorization flow for your app while signed in to their account.

  • Greg-DB's avatar
    Greg-DB
    Icon for Dropbox Staff rankDropbox Staff

    You can use the Dropbox API to access the full contents of a connected account even if the app is still in development status. The production versus development status only controls how many different accounts can be connected to your app. If you'll never need to have more than 50 accounts connected, you don't need production status.

     

    The access type of your app controls what files your app can access. (This is different than the production versus development status of the app.) To be able to access any/all files in a connected account, you should use "full Dropbox" access. You can find more information on the access types here.

     

    Finally, to allow another user to connect their account to your app, you should implement the OAuth app authorization flow.

    • kenf999's avatar
      kenf999
      New member | Level 2

      Thanks Greg. 
      I think I am missing one thing.  The App already has full access,  The App connects with oauth2 flow and I can query my acocunt.  The part I think I am missing is during the OAuth2 flow.  Where in the Auth call or Token call am I specifying the other account.  How does the call to the API know which account is requesting an auth token for the first time?  For instance, in another product, the user is made to log in or sign up for an account prior to allowing the App to have access.  Does the same go for Dropbox?  Is it the logging into Dropbox during the oAuth2 request, if the client is not already logged in,  the thing that identfies which account is requesting access?  Same would go for if the client is already logged in to Dropbox.  Being logged into Dropbox identifies the account and I don't have to actually pass anything extra to the Apps already working oAuth2 flow.  Note, this is first time not returning clients.

      • Greg-DB's avatar
        Greg-DB
        Icon for Dropbox Staff rankDropbox Staff

        When using the Dropbox OAuth app authorization flow, the resulting access token (and refresh token, if requested) will be connected to whichever account was signed in and authorized the app during the app authorization flow. Any API calls made with that access token will be made for that particular account.

         

        So, when you process the app authorization flow while signed in to your account, the app receives an access token for your account. To get an access token for your client's account, they should process the app authorization flow for your app while signed in to their account.