You might see that the Dropbox Community team have been busy working on some major updates to the Community itself! So, here is some info on what’s changed, what’s staying the same and what you can expect from the Dropbox Community overall.
Forum Discussion
Hidding app_key and app_secret inside a possible desktop app
I have build a desktop app that will be distributed to any user who likes to use it. How do I use the core api (with python) to hide the both keys assigned by Dropbox for the app I made?
Seems to ...
Hi,
I have the same problem now but I have another question to your proposed fix. The "implicit" flow of OAuth 2.0 still requires the "app_key", which has to be stored in the application itself, thus enabling others to impersonate my app with the implicit flow. I don't understand the exact role of the app secret.
Also: The current Python SDK doesn't support the implicit flow by itself, so I am forced to use the RESTClient which is used internally by the SDK, right?
Edit: After some testing I found that the implicit flow requires a redirect_uri. The problem with that is, I can't intercept the redirect to the URI without a local webserver or an in-app browser. Is there any way around this?
Just for clarification: I am talking about a desktop application, not a client browser application using JavaScript or anything.
About Dropbox API Support & Feedback
Find help with the Dropbox API from other developers.
