Child Item

API v2 removed file type permissions

Out of curiosity, can anyone from Dropbox explain why API v2 removed file type permissions? In v1, an app can request to only access image files (more info here). This gives the user confidence that the app won't do anything inappropriate using their Dropbox account. If an app only wants to access image files (like how Carousel does), the user will know that it won't be able to access sensitive text documents.

I'm curious why this type of permission was removed and v2 only supports "full access" or "app folder." Neither really seem to fit the purpose of many apps out there (like organizing just photos). I believe this change makes it the authorization process significantly worse as users are turned off by any app that wants full access to their account.

Find more posts tagged with

API

Abuse

Comments

Greg-DB

Thanks for the feedback! It's much appreciated, and feedback like this helps us decide how to prioritize our product direction. I can't speak much to why one feature or another was or wasn't implemented (in this case support for the file type permission on the new API v2), but I'm sending this along to the team as a request.

James Z.3

Thanks Gregory for relaying the information along. Especially in today's environment where people really care about their privacy and the large number of apps that we all connect to, I think it's crucial to bring back file type permissions. As an developer, I don't want any of my users to think that it's even possible for my app to access their private text documents if I'm building an app for just viewing photos.