How do I authenticate a Dropbox app and use the API without leaving the webpage?

Question

I need users to grant my app permission to access their Dropbox, but I would very much like for them to not have to leave my website and then come back. The authentication API that I know of requires that the user be logged into their Dropbox account, and that they authenticate the app on the Dropbox website.

Is there some way around this?

--Edit--

So I know that we can use Google/Facebook's authentication API such that the user is prompted to allow/deny the app within the same window (SO does this). If we can do something of this sort with the Dropbox API, that would be awesome.

Thanks!

Answer 1

Use an iframe.

open the Oauth in an iframe. set the redirect to iframe_done.html

when iframe_done.html loads up, it will be the same domain as your main page, so it can communicate outside of the iframe, just get the key you just received and pass it up to the parent, who will use the key and close the iframe, giving the impression it all happened there.

Answer 2

The Dropbox API does currently require that the authorization be processed with OAuth via the Dropbox site. You can use the 'oauth_callback' parameter to redirect the user back to your site after authorization. Docs here: https://www.dropbox.com/developers/reference/api#authorize

You can even use this within a single tab for the whole process (which is what StackOverflow with Google's login seems to do.) That is, redirect the user's current page to the authorize page, and use 'oauth_callback' param with the necessary action/information to return to your site and indicate the user is coming back from authorization.