cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Community
English
Announcements
Want to know what we learned at IBC? Check out our learnings on media, remote working and more right here.

Dropbox API Support & Feedback

Find help with the Dropbox API from other developers.

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

.NET API - Authorization issue

.NET API - Authorization issue

Ghislain Sommervogel
Explorer | Level 4
21 hours ago

Hi all,

We have an app that relies on the business API. It creates groups, members, team folders, etc. As a team administrator, I can run it and it's working properly. My problem is that the targeted users are not able to run it. They receive an error message during the authentication flow saying that they need to be team administrator to allow the app to run. But in real life, they DO have access to the administration interface on the web, using their own dropbox account. And they can do manually all the exact same operations conducted by the app. For what I understand, they have all the required permissions, but because they are not technically "team admin", the application won't run.

For testing purposes, I created a mini-app only requiring the "groups.write" permission in the Team Scopes section. All my users have this permission because they do manage groups in their everyday life. But again: they are not team admin and can't run this (very limited) app.

Giving these users a full admin access is not an option for the top management (I've asked). I was told that they have sufficient rights and that the application should use only their current rights. Did I miss something? And if not, what is the workaround? 

Thanks for your help!

Ghislain

 

  • 0 Likes
  • 1 Replies
  • 64 Views
0 Likes
1 Reply 1

DB-Des
Dropbox Engineer
10 hours ago

Hi @Ghislain Sommervogel,

 

Only team admins are able to authorize apps with team scopes enabled. If you want to allow non-admins to connect to an app with team scopes enabled, you can request individual-only scopes by adding the necessary scopes in the scope parameter when constructing the Authorization URL.

 

Alternatively, if your app does not need team scopes, you can configure this by disabling the team scopes entirely from the app's Permissions settings from within the App Console. Just as mentioned above, if an individual-only scoped app will sometimes need to use team scopes, you can specify which scopes to request by setting the particular set of scopes in the scope parameter when constructing the Authorization URL.

 

I hope you find this information helpful!

0 Likes
Need more support?
Who's talking

Top contributors to this post

  • User avatar
    DB-Des Dropbox Engineer
What do Dropbox user levels mean?