You might see that the Dropbox Community team have been busy working on some major updates to the Community itself! So, here is some info on what’s changed, what’s staying the same and what you can expect from the Dropbox Community overall.

Forum Discussion

salven's avatar
salven
Helpful | Level 6
7 years ago

API secret in dropbox.oauth.DropboxOAuth2FlowNoRedirect and redistribution

Hi,  I am writing a simple app in the form of a python script which follows the OAuth2 procedure for the user to link and use their own account. Now, the DropboxOAuth2FlowNoRedirect() method require...
  • Greg-DB's avatar
    7 years ago

    The Dropbox OAuth 2 app authorization implementation supports two different flows:
    - the "code" flow: this flow requires both the app key and secret
    - the "token" flow: this flow only requires the app key

     

    The `DropboxOAuth2FlowNoRedirect` class in the Dropbox Python SDK uses the "code" flow, so it requires the app key and secret.

     

    The Python SDK doesn't implement the "token" flow unfortunately, but I'll pass this along as a feature request. 

     

    That being the case, to distribute a client-side Python app without including the app secret, you'd need to implement the token flow yourself, either by modifying the SDK or without using the SDK at all. Note that the token flow requires a redirect URI though, so you'd need to use a local redirect URI.