Child Item

How can I restrict token use to a certain domain or IP address?

I'm using an access token to make calls to a single account. How can I restrict that token, so that Dropbox only accepts API calls from a certain domain or IP address?

We keep our tokens safe, but it would be good to restrict access in case the token gets stolen. This seems like a common API structure to help manage security, but I can't find the setting in Dropbox.

Thanks,

John

Find more posts tagged with

API

Abuse

Comments

Greg-DB

Hi John, the Dropbox API doesn't offer this, but I'll be sure to pass this along as a feature request.

SandroRibeiro

I have that same need. I will handle very sensitive information and one of the business requirements is the restriction by IP. The implementation of this feature would certainly make me choose Dropbox.

Greg-DB

@SandroRibeiro Thanks for the additional feedback!

Lansend

This question was first asked in 2016 , and then 2020. I too now have a similar requirement. Client wants to restrict drop box access to business account to just the corporate network. In other words user cannot access from home or other location.

Greg-DB

@Lansend I don't have any news on this request, but thanks for the note!