Dropbox Access Tokens are string keys which are generated in order for applications to make calls to the Dropbox API. Possessing a token grants access to a Dropbox account, allowing access to account information and files in that account.
These tokens must be used within BrightBuilder under the properties of the File Data Accessor, or in scripts when accessing Dropbox files using BrightServer. If a token is invalid, any synchronisation or Script object initialisation will fail, with the following Dropbox exception:
com.dropbox.core.BadRequestException: Error in call to API function "files/list_folder": Invalid authorization value in HTTP header "Authorization": "Bearer". Expecting "Bearer <oauth2-access-token>".
Tokens are associated with Dropbox Apps - each App which is registered access to Dropbox may have a set of tokens which may be used to access to files based on the App's access type. An App may generate any number of tokens freely at any time. They remain active as long as the application is registered with Dropbox, and are only revoked if the application is removed from Dropbox's Settings > Security > Apps Linked settings. Any revoked token may not be used, even if an application is re-registered.
For more information on the use and authorisation of tokens in Dropbox, please refer to the following guide:
https://www.dropbox.com/developers/reference/oauth-guide
As
tokens generated for Dropbox allows anyone possessing the token to
add, modify and potentially delete files within the account, if stored,
it is recommended to always keep
this information private. As BrightBuilder stores these values
in the BEP, it is strongly recommended to password
protect any file using Dropbox File data sources.
BrightBuilder includes a step-by-step process to simplify the generation of tokens. This may be performed via the Tools > Request Dropbox Access Token menu option. Completing this process will register and grant full Dropbox access to the 'BrightServer Xpress Client' App, and generate a token which may be used for the account. The steps for this process are detailed in the 'Generating Tokens via BrightBuilder' section below.
Alternatively, custom Dropbox Apps may be created via Dropbox's Developer page. Completing the App Creation process via Dropbox may create Apps with full or limited Dropbox access. After it is registered, a token may be generated via the App console.
If file access is limited to a specific App folder, the files will be located in the '/Apps/<APP NAME>' folder within Dropbox. File paths specified are relative to this path, for example, if accessing a file located at full path '/Apps/<APP_NAME>/ExampleFolder/Example.txt', the App folder path would be '/ExampleFolder/Example.txt'.
For more information on this process, please refer to the following
pages:
https://www.dropbox.com/developers/apps/create
https://blogs.dropbox.com/developers/2014/05/generate-an-access-token-for-your-own-account/
Completing this process will register the 'BrightServer Xpress Client' App on the server and produce a token which may be used within BrightBuilder's Sync Points, Scripts or Configurations. To start, locate and tap on the Tools > Request Dropbox Access Token menu option, then:
Tap on the 'Go to Dropbox website' button, which will open a Dropbook authorisation page.
Log in if required, then tap the 'Allow' button to generate a Dropbox Auth code on the website. This will load an App Auth Code - copy this value from this screen.
