What is the Dropbox API?

The Dropbox API allows developers to integrate Dropbox functionality into their applications, enabling programmatic access to file storage, sharing, and management features within user accounts.

Do I need a paid Dropbox account to use the API?

No, you can use a free Dropbox Basic account (2 GB storage) for API development and testing. Paid plans offer increased storage and features but are not required for initial API access.

How do I get an API key or access token?

You obtain an access token by creating an app in the Dropbox App Console. For development, you can generate a short-lived token directly. For production, you implement the OAuth 2.0 authorization flow to get long-lived tokens.

What is OAuth 2.0 and why does Dropbox use it?

OAuth 2.0 is an authorization framework that allows third-party applications to obtain limited access to a user's account without exposing their password. Dropbox uses it to securely grant your app permissions to access user files.

Which programming languages are supported by Dropbox SDKs?

Dropbox provides official SDKs for Python, Java, Go, Swift, JavaScript, and C#, simplifying API interactions in these languages.

What is the difference between 'Full Dropbox' and 'App folder' access?

'Full Dropbox' access grants your app permission to all files and folders in a user's Dropbox. 'App folder' access restricts your app to a dedicated folder within the user's Dropbox, suitable for apps managing their own data.

How can I test my API integration without affecting my main Dropbox files?

You can use a dedicated test account or configure your app with 'App folder' access to ensure that any files created or modified during testing are isolated to a specific folder.

Dropbox Getting Started: API Integration Guide (2026)

Dropbox getting started: The process involves creating a developer account, generating an access token, and then using that token to authenticate API requests. Developers can manage files, folders, and sharing programmatically, leveraging Dropbox's cloud storage infrastructure.

Getting started overview

Integrating with the Dropbox API allows developers to programmatically access and manage files and folders stored in Dropbox. The process typically involves setting up a developer account, creating an application, obtaining authentication credentials, and then making HTTP requests to the API endpoints. Dropbox utilizes OAuth 2.0 for API authorization, providing secure access to user data without sharing user credentials. Developers can choose to interact with the API directly via HTTP or use one of the officially supported SDKs for languages like Python, Java, or JavaScript, which abstract away much of the HTTP request handling and authentication complexity.

This guide focuses on the foundational steps required to get a Dropbox API integration operational, from initial account setup to executing a basic API call. Understanding these steps is crucial for building applications that leverage Dropbox's file storage and sharing capabilities.

Quick reference steps

The following table provides a high-level overview of the steps involved in getting started with the Dropbox API:

Step	What to do	Where
1. Create Dropbox Account	Sign up for a personal Dropbox account, if you don't have one.	Dropbox homepage
2. Access Developer Console	Navigate to the Dropbox Developers website and sign in.	Dropbox Developers documentation
3. Create New App	Register a new application in the App Console. Choose API permissions and access type.	Dropbox App Console
4. Generate Access Token	Generate a short-lived or long-lived access token for testing or production.	Your specific app's settings in the Dropbox App Console
5. Make First API Call	Use the access token to make an authenticated request to a Dropbox API endpoint.	Your preferred development environment with an HTTP client or SDK

Create an account and get keys

Before interacting with the Dropbox API, you need a Dropbox account. A Dropbox Basic account offers 2 GB of storage for free and is sufficient for initial API development and testing.

Setting up a developer account

Sign up for Dropbox: If you don't already have one, create a personal Dropbox account by visiting the Dropbox homepage and following the registration prompts.
Access the Developer Console: Once you have an account, navigate to the Dropbox Developers documentation page and sign in with your Dropbox credentials.
Create a New App: From the developer console, go to the App Console. Click on "Create app" or "Create your first app".
Configure App Details:
- Choose an API: Select "Dropbox API".
- Choose the type of access: For most integrations, "Full Dropbox" provides access to all files and folders in a user's Dropbox. "App folder" restricts access to a dedicated folder within the user's Dropbox, which is suitable for apps that only need to manage their own data.
- Name your app: Provide a unique name for your application. This name will be visible to users when they authorize your app.
- Set permissions: Under the "Permissions" tab in your app's settings, enable the necessary scopes (e.g., files.content.read, files.content.write, users.read). These define what actions your app can perform.
Generate an Access Token: For development and testing, you can generate a short-lived access token directly from your app's settings page in the App Console. Locate the "Generated access token" section and click "Generate". This token is valid for a limited time (typically 4 hours) and is useful for quick testing. For production applications, you will implement the OAuth 2.0 authorization flow to obtain long-lived refresh tokens and access tokens, as detailed in the Dropbox OAuth Guide.

Your first request

Once you have an access token, you can make your first API call. This example demonstrates listing the contents of the root folder using the /files/list_folder endpoint.

Using cURL

You can make a direct HTTP request using curl from your terminal. Replace <YOUR_ACCESS_TOKEN> with the token you generated.

curl -X POST https://api.dropboxapi.com/2/files/list_folder \
    --header "Authorization: Bearer <YOUR_ACCESS_TOKEN>" \
    --header "Content-Type: application/json" \
    --data "{\"path\": \"\"}"

A successful response will return a JSON object containing a list of entries (files and folders) in your Dropbox root directory, along with a cursor for pagination and a has_more flag.

{
    "entries": [
        {
            ".tag": "folder",
            "name": "Photos",
            "id": "id:aBcDeFgHiJkL",
            "path_lower": "/photos",
            "path_display": "/Photos"
        },
        {
            ".tag": "file",
            "name": "document.pdf",
            "id": "id:lMnOpQrStUvW",
            "client_modified": "2023-10-26T10:00:00Z",
            "server_modified": "2023-10-26T10:00:00Z",
            "rev": "1234567890ab",
            "size": 123456,
            "path_lower": "/document.pdf",
            "path_display": "/document.pdf"
        }
    ],
    "cursor": "AAANa-cursor-string-here",
    "has_more": false
}

Using the Python SDK

For a more structured approach, consider using one of the official SDKs. Here's an example using the Python SDK:

Install the SDK:
```
pip install dropbox
```

Write Python code:

import dropbox

# Replace with your actual access token
ACCESS_TOKEN = "<YOUR_ACCESS_TOKEN>"

db = dropbox.Dropbox(ACCESS_TOKEN)

try:
    # List contents of the root folder
    response = db.files_list_folder("")
    for entry in response.entries:
        print(f"Type: {entry.tag}, Name: {entry.name}, Path: {entry.path_display}")
except dropbox.exceptions.ApiError as err:
    print(f"API error: {err}")
except Exception as err:
    print(f"Error: {err}")

This Python script will connect to your Dropbox account using the provided access token and print the name and type of each item in your root folder. For more detailed examples across various SDKs, refer to the Dropbox API reference documentation.

Common next steps

After successfully making your first API call, consider these next steps to further develop your Dropbox integration:

Explore other API endpoints: The Dropbox API offers a wide range of functionalities beyond listing folders, including uploading files (/files/upload), downloading files (/files/download), creating shared links (/sharing/create_shared_link_with_settings), and managing file metadata. Consult the Dropbox HTTP API documentation for a comprehensive list of endpoints.
Implement OAuth 2.0 flow: For production applications, you must implement the full OAuth 2.0 authorization flow to securely obtain access tokens on behalf of your users. This involves redirecting users to Dropbox for authorization and handling the callback to exchange an authorization code for an access token and refresh token. The Dropbox OAuth Guide provides detailed instructions.
Use SDKs: While direct HTTP calls are possible, using one of the official Dropbox SDKs (Python, Java, Go, Swift, JavaScript, C#) can simplify development by handling authentication, request signing, and response parsing.
Error handling: Implement robust error handling in your application to gracefully manage API errors, network issues, and invalid requests. The Dropbox API error handling documentation provides details on common error codes and their meanings.
Webhooks: To receive real-time notifications about changes in a user's Dropbox, implement webhooks. This allows your application to react to events like file modifications or deletions without constantly polling the API. Refer to the Dropbox webhooks documentation for setup and usage.

Troubleshooting the first call

When making your initial API call, you might encounter common issues. Here are some troubleshooting tips:

Invalid Access Token: Double-check that your access token is correct and hasn't expired. Generated tokens from the App Console are typically short-lived. If you're using a token from an OAuth flow, ensure your refresh token mechanism is working correctly to obtain new access tokens. An HTTP 401 Unauthorized error often indicates an invalid or expired token.
Incorrect Permissions (Scopes): Verify that your app has the necessary permissions (scopes) enabled in the Dropbox App Console. For example, to list folder contents, you need files.content.read. An HTTP 403 Forbidden error can indicate insufficient permissions.
Malformed Request Body or Headers: Ensure your HTTP request headers (especially Authorization and Content-Type) and the JSON request body are correctly formatted. Pay attention to quotation marks and JSON syntax. The Dropbox API expects Content-Type: application/json for most POST requests.
API Endpoint Issues: Confirm that you are using the correct API endpoint URL (e.g., https://api.dropboxapi.com/2/files/list_folder). Refer to the official Dropbox API reference for exact endpoint paths and required parameters.
Network Connectivity: Ensure your development environment has stable network access to the Dropbox API servers.
Rate Limits: While less common for initial calls, be aware that Dropbox enforces API rate limits. If you're making many requests in a short period, you might receive HTTP 429 Too Many Requests errors.

Dropbox Getting Started: API Integration Guide (2026)

Getting started overview

Quick reference steps

Create an account and get keys

Setting up a developer account

Your first request

Using cURL

Using the Python SDK

Common next steps

Troubleshooting the first call

Frequently asked questions

Reviews

Discussion

Written by