Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How do I authenticate a Dropbox app and use the API without leaving the webpage?

I need users to grant my app permission to access their Dropbox, but I would very much like for them to not have to leave my website and then come back. The authentication API that I know of requires that the user be logged into their Dropbox account, and that they authenticate the app on the Dropbox website.

Is there some way around this?

--Edit--

So I know that we can use Google/Facebook's authentication API such that the user is prompted to allow/deny the app within the same window (SO does this). If we can do something of this sort with the Dropbox API, that would be awesome.

Thanks!

like image 669
efficiencyIsBliss Avatar asked Apr 24 '12 00:04

efficiencyIsBliss


People also ask

How does the Dropbox API handle authentication?

In general, the Dropbox API uses HTTP POST requests with JSON arguments and JSON responses. Request authentication is via OAuth 2.0 using the Authorization request header or authorization URL parameter.

What can you do with Dropbox API?

The powerful, yet simple, API allows you to manage and control content programmatically and extend Dropbox capabilities in new and powerful ways. This guide will take you through the basic steps required to get up and running and create a simple file organization app to help organize files within your Dropbox account.

How do I get my Dropbox API access token?

Go to the Dropbox App Console and log in (you need a Dropbox account to do this). Select Create App. After the app is created, you will be taken to the App's settings page for the app. Scroll to the OAuth 2 section, find the Generated access token section and click on Generate.


1 Answers

The Dropbox API does currently require that the authorization be processed with OAuth via the Dropbox site. You can use the 'oauth_callback' parameter to redirect the user back to your site after authorization. Docs here: https://www.dropbox.com/developers/reference/api#authorize

You can even use this within a single tab for the whole process (which is what StackOverflow with Google's login seems to do.) That is, redirect the user's current page to the authorize page, and use 'oauth_callback' param with the necessary action/information to return to your site and indicate the user is coming back from authorization.

like image 89
Greg Avatar answered Oct 17 '22 00:10

Greg