We are aware of the issue with the badge emails resending to everyone, we apologise for the inconvenience - learn more here.

Forum Discussion

horton's avatar
horton
Helpful | Level 5
4 years ago

Oauth Dialogue Flow

Hi,

 

We are developing a new collaboration app using the Full Dropbox API.

 

Currently, the Oauth dialogue/flow includes two warning/authorization pages:

 

Page 1. "Before you connect this app ..." The user must click a Continue button.

Page 2. "AppName would like to: Edit, View/Manage, View ... etc." The user must click an Allow button.

 

This is obviously a lot of friction for the user. Is there anyway we can use just one warning/auth page? Does one of these pages disappear once we have production status?

 

Thoughts and guidance would be much appreciated.

API
  • Greg-DB's avatar
    Greg-DB
    4 years ago

    The shorter version is shown for apps with legacy non-scoped permissions, where the app requests non-granular access.

     

    The longer version is shown for apps with the new scoped permission, where the app can request access on a more granular level.

     

    Dropbox will eventually migrate everything to the new scopes permission, in order to enable more granular permissions for all apps. You can find more information on the migration here. You can also find more information on using scopes in the OAuth Guide and authorization documentation.

     

    You can't revert a scoped app to a legacy non-scoped permission, but you can reduce the size of that text by removing any scopes that your app doesn't need. You can either disable scopes for your app entirely, via the "Permissions" tab on the app's page on the App Console, or on the fly by requesting only the minimal set of needed scopes using the 'scope' parameter on /oauth2/authorize.

      • horton's avatar
        horton
        Helpful | Level 5
        4 years ago

        Greg-DB  ... a follow-up question.

         

        On our staging server, the Dropbox warning/authorization is short. The page reads: AppName would like access to the files and folders in your Dropbox. Learn more

         

        On our production server, the warning/authorization is longer. The page reads: AppName would like to:

        • Edit content of your Dropbox files and folders, view content of your Dropbox files and folders, and view and edit information about your Dropbox files and folders
        • View and manage your Dropbox file requests and Dropbox sharing settings and collaborators
        • View basic information about your Dropbox account such as your username, email, and country

        Because it is better UX, we would like to use the shorter, staging server text on our production server? Is this possible? If so, please explain how?

         

         

  • ericavedua's avatar
    ericavedua
    New member | Level 2
    2 years ago
    Looking forward for more convenient when it comes flow auth. THANKS

About Dropbox API Support & Feedback

Node avatar for Dropbox API Support & Feedback

Find help with the Dropbox API from other developers.

5,877 PostsLatest Activity: 12 months ago
325 Following

If you need more help you can view your support options (expected response time for an email or ticket is 24 hours), or contact us on X or Facebook.

For more info on available support options for your Dropbox plan, see this article.

If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!