Reputation: 539
Dropbox Http API - get files/folders for current token's account
I'm trying to get files and folders for the user who approved my app (and now I have the token after his approval).
I was able to scan all users in the team by getting the user dbid and using it with "Dropbox-API-Select-User" header, but I want sometimes to scan only the current user (user that approved my app).
I couldn't get his dbid for now and when I try to go to "https://api.dropboxapi.com/2/users/get_current_account" without the "Dropbox-API-Select-User" header I'm getting a message that this header is missing.
Any ideas how can I get to his files/folders without the dbid, or somehow get his dbid? maybe in the Authorization process somehow? or some other APIs?
I'm using this API: https://www.dropbox.com/developers/documentation/http/documentation
my request to get current account: https://api.dropboxapi.com/2/users/get_current_account
my headers:
Content-Type:application/json
Authorization: Bearer my_token
and I'm getting this error: Error in call to API function "users/get_current_account": Missing required X-Dropbox-Perform-As-Team-Member header
Thanks.
Upvotes: 1
Views: 2527
Answers (1)
Reputation: 16930
Dropbox Business API apps are linked to the entire team, not any individual team member. That being the case, there isn't any concept of the "current user", beyond what your app specifies via the Dropbox-API-Select-User or X-Dropbox-Perform-As-Team-Member header. A Dropbox Business API app always needs to specify a specific user when using a user endpoint. You can get member IDs from the Business API endpoints, e.g., using /team/members/list.
Only admins of the team can authorize the app, and it sounds like you may want to act on the account of the particular admin on the team who happened to authorize the app. The Dropbox Business API doesn't return information regarding which admin did perform the authorization though. Further, the authorization could occur multiple times by multiple admins anyway.
Note that if you only ever want to perform API calls for the specific user that authorizes the app, you register and should use a normal Dropbox API app, instead of a Dropbox Business API app. A Dropbox API app is only linked to a the user, and not the team, and doesn't require an extra header for specifying a team member.
Edit:
The Dropbox API now offers a way to determine which admin authorized a particular access token, using /team/token/get_authenticated_admin.
If you're using an official SDK, there will also be corresponding method for this endpoint.
Upvotes: 5
Related Questions
- Can the app permission/verification be bypassed for Dropbox API?
- Dropbox API (Python) - How to get access to Team and User files
- Upload large files to Dropbox via HTTP API
- Why do two files viewed through the Dropbox API have the same id?
- Dropbox integration for application
- How to get share's url of a file using Dropbox python API?
- Dropbox API /save_url set custom headers for Dropbox to use when requesting the file from url
- Dropbox V2 Http API
- Dropbox API usage for DBSyncStatus active