You might see that the Dropbox Community team have been busy working on some major updates to the Community itself! So, here is some info on what’s changed, what’s staying the same and what you can expect from the Dropbox Community overall.
Forum Discussion
tkirby926
2 years agoExplorer | Level 3
Allowing Website users to Dynamically create auth tokens and upload/download images
I am searching for a way to implement Dropbox as the data folder for images on my social media site, with api calls made client-side to upload and download images that populate the site. Considering ...
Greg-DB
Dropbox Staff
tkirby926 Здравко is correct. The Dropbox API was designed with the intention that each user would link their own Dropbox account, in order to interact with their own files. While it is technically possible to always connect to just one account for all users, we do not officially support this, for various technical and security reasons. For instance, you could use a refresh token to maintain long-term access without repeated manual user interaction, but you shouldn't expose the token(s) for your own account to other users.
tkirby926
2 years agoExplorer | Level 3
Thank you very much for your help on this. Looking back, I cannot believe I even asked this question based on the numerous security flaws involved. My plan is to authenticate and upload/download on the server side. For my python backend, I still have the question of how to do this. I may not be understanding everything right, and I apologize for the inconvenience if this is the case, but my understanding is still that the way to receive an authorization code is through clicking the authorization url and manually getting it. I was wondering if there was a way my server code could receive that auth token directly using the python SDK and use it to upload/download, refreshing the code regularly so it does not get stale. I don't see any good solution that would involve clicking the url every 4 hours in my automated app, and it seems foolish to try to implement a bot that would regularly click the link itself and extract the code. Would you suggest having an initial token and then using a refresh token to maintain access on my server? Please let me know the best way to do this, and thank you so much for the help.
- Greg-DB2 years agoDropbox Staff
The OAuth process where the user chooses to authorize the app and the app then receives the resulting access token and optional refresh token does require manual interaction, but this only needs to be done once per Dropbox account.
If your app needs to maintain long-term access without the user manually re-authorizing it repeatedly, the app should request "offline" access so that it gets a refresh token. The refresh token doesn't expire and can be stored and used repeatedly to get new short-lived access tokens whenever needed, without the user manually reauthorizing the app.
The Dropbox SDKs can handle this automatically for you. For the official Dropbox Python SDK, you can find examples of this flow at the following links:
- https://github.com/dropbox/dropbox-sdk-python/blob/main/example/oauth/commandline-oauth-scopes.py
- https://github.com/dropbox/dropbox-sdk-python/blob/main/example/oauth/commandline-oauth-pkce.py
When configuring the client like that, it will perform the refresh process for you automatically.
- julio_diniz_perdigao10 months agoExplorer | Level 3
Maybe old, but you have 2 options. I don't know if in 2022, this endpoints was available.
1 - for small files (up to 150MB) use the endpoint get_temporary_upload_link, so you can make uploads directly from client-side.
2 - upload to your server and then, use save_url endpoint to request DropBbox do download the file from your server to your dropbox account.
About Dropbox API Support & Feedback
Find help with the Dropbox API from other developers.
5,888 PostsLatest Activity: 2 days agoIf you need more help you can view your support options (expected response time for an email or ticket is 24 hours), or contact us on X or Facebook.
For more info on available support options for your Dropbox plan, see this article.
If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!