Dropbox

Dropbox is a cloud storage and file synchronization service with cross-platform support. In Blober, Dropbox paths use this format:

/folder/subfolder/file.ext

Capabilities

• ✅ Browse folders and files
• ✅ Upload files (simple upload up to 150 MB, upload sessions up to ~2 TB)
• ✅ Download files
• ✅ Create folders (automatically created when uploading)
• ✅ Delete files/folders
• ✅ Copy files within Dropbox
• ✅ Move files within Dropbox
• ✅ View file metadata (size, dates, content hash)
• ✅ Progress tracking for uploads
• ✅ Automatic rate-limit retry (HTTP 429)
• ✅ Token auto-refresh (OAuth flow only)

Prerequisites

• A Dropbox account (free or paid)
• A Dropbox App created in the Dropbox App Console

Authentication Methods

Blober supports two ways to connect to Dropbox. Choose the one that fits your workflow:

Method	Setup Complexity	Token Lifetime	Auto-Refresh
Generated Access Token	Simple	~4 hours	❌ No — must regenerate manually
App Key + Secret (OAuth)	Moderate	Indefinite	✅ Yes — automatic via refresh token

Tip

If you plan to run unattended/scheduled workflows, use App Key + Secret (OAuth) — it auto-refreshes expired tokens so your workflows won’t break after 4 hours.

If you just want to try Blober quickly, Generated Access Token gets you started in under a minute.

---

Option 1: Generated Access Token

Use a short-lived token generated directly from the Dropbox App Console. Quick to set up but requires manual renewal every ~4 hours.

Credential fields:

Field	Description
Dropbox Generated Access Key	Bearer token string (e.g., sl.u.AGUFCwsCKpMW-...)

Setup steps

1. Create a Dropbox App and configure permissions (see below)
2. In your app’s Settings tab, scroll to OAuth 2
3. Click “Generate” under Generated access token
4. Copy the token — it is only shown once
5. In Blober, go to Workflows → New Workflow
6. Select Dropbox as source or destination
7. Paste the token into the Dropbox Generated Access Key field
8. Test by browsing your Dropbox files

Caution

Generated tokens expire after approximately 4 hours. When your token expires, generate a new one from the App Console and update it in Blober. Any in-progress workflows using an expired token will fail.

---

Option 2: App Key + Secret (OAuth)

Use your app’s credentials to trigger a browser-based OAuth consent flow. Blober receives a refresh token and automatically renews access tokens when they expire — no manual intervention needed.

Credential fields:

Field	Description
App Key	Alphanumeric string from your app’s Settings tab (e.g., 3p6ac1pz2b3k7k)
App Secret	Alphanumeric string — click Show to reveal (e.g., 3p6ac1pz2b3k6j)

Setup steps

1. Create a Dropbox App and configure permissions (see below)
2. Copy your App Key and App Secret from the app’s Settings tab
3. In Blober, go to Workflows → New Workflow
4. Select Dropbox as source or destination
5. Enter your App Key and App Secret in the corresponding fields
6. Click Authorize Dropbox Access — a browser window opens for consent
7. Sign in with your Dropbox account and grant permissions
8. The browser redirects back to Blober automatically — you’re connected

After authorization, Blober stores a refresh token and will automatically renew access tokens in the background. You don’t need to touch Dropbox again unless you revoke the app.

---

Required Scopes (Permissions)

Your Dropbox App must have these permissions enabled before generating an access token or authorizing via OAuth — tokens and refresh tokens inherit the scopes that were active at the time of creation.

Scope	Purpose
files.metadata.read	Browse and list files/folders
files.metadata.write	Create folders, move/copy files
files.content.read	Download files
files.content.write	Upload and delete files
account_info.read	Verify connection to your account

Setup Guide

1. Create a Dropbox App

1. Go to the Dropbox App Console
2. Click “Create app”
3. Under “Choose an API”, select “Scoped access”
4. Under “Choose the type of access you need”, select “Full Dropbox” to access all files, or “App folder” to limit access to a single folder
5. Enter an app name (e.g., Blober)
6. Click “Create app”

Tip

Choose “Full Dropbox” if you want Blober to access your entire Dropbox. Choose “App folder” if you prefer to restrict Blober to its own sandbox folder — files outside that folder won’t be visible.

2. Configure Permissions

You must set permissions before generating a token or authorizing via OAuth. Tokens inherit the scopes that were active at the time of creation.

1. In your app’s page, click the “Permissions” tab

2. Under “Individual Scopes”, enable the following:

   Files and folders:

   • ☑️ files.metadata.read
   • ☑️ files.metadata.write
   • ☑️ files.content.read
   • ☑️ files.content.write

   Account info:

   • ☑️ account_info.read

3. Click “Submit” at the bottom of the page

Caution

If you change permissions after generating a token or completing OAuth, the existing token/refresh-token retains its old scopes. You must generate a new token (or re-authorize via OAuth) for the updated permissions to take effect.

3. Choose your authentication method

Continue with Option 1: Generated Access Token or Option 2: App Key + Secret (OAuth) above, depending on your needs.

File Organization

Dropbox uses a hierarchical folder structure with forward-slash paths:

/Documents/Work/report.pdf
/Photos/2026/January/IMG_001.jpg
/Videos/vacation.mp4

• Paths are case-insensitive but case-preserving (e.g., /Photos and /photos refer to the same folder, but the display name keeps its original casing)
• Folders are created automatically when uploading a file to a path that doesn’t exist yet
• The root of your Dropbox is represented by /

How Uploads Work

Blober automatically chooses the best upload method based on file size:

Method	Max File Size	When Used	Memory Usage
Simple upload	150 MB	Files ≤ 150 MB with known size	Streams directly — no extra buffering
Upload session	~350 GB	Files > 150 MB or unknown size	One 10 MB chunk in memory at a time

Upload sessions in detail

For large files, Blober uses Dropbox’s upload session protocol:

1. Start — Opens a session and sends the first 10 MB chunk in the same request (saves a round trip)
2. Append — Sends additional 10 MB chunks sequentially, reporting progress after each one
3. Finish — Closes the session and commits the file to its destination path

Key characteristics:

• Memory-efficient: Only one 10 MB chunk is buffered at a time, regardless of total file size. A 420 MB file uses ~10 MB of memory, not 420 MB.
• Progress tracking: The progress callback fires after each chunk, giving you real-time upload progress in the Blober UI.
• Overwrite mode: Both simple upload and upload sessions use Dropbox overwrite mode — if a file already exists at the destination path, it is replaced.
• Folder creation: Parent folders are created automatically before upload if they don’t exist.

Rate Limiting and Retry

Dropbox applies rate limits on API requests. When Blober receives an HTTP 429 (Too Many Requests) response:

1. It reads the Retry-After header from Dropbox’s response (defaults to 1 second if not present)
2. Waits the specified duration
3. Retries the same request
4. Repeats up to 10 times before giving up

This applies to all API operations: uploads, downloads, listing, copy, move, and delete. Most rate limiting occurs during large batch operations (e.g., uploading hundreds of files). Under normal use, you’re unlikely to hit rate limits.

Error Handling

Blober maps Dropbox API errors to specific categories. This determines whether a failed operation can be retried automatically:

Dropbox Error	Blober Category	Auto-Retry?
path_lookup/not_found	Not Found	❌ No
invalid_access_token, expired_access_token	Permission Error	❌ No
no_permission, disallowed_name	Permission Error	❌ No
insufficient_space, over_quota	Quota Error	✅ Yes (with backoff)
HTTP 429 (rate limit)	Network Error	✅ Yes (up to 10×)
HTTP 500, 503 (server error)	Network Error	✅ Yes

If you see “Permission Error” after previously working fine, your access token has likely expired. Either generate a new one (Option 1) or re-authorize via OAuth (Option 2).

Troubleshooting

”Authentication failed” or 401 errors

• Generated access token: It likely expired (tokens last ~4 hours). Generate a new one from the App Console.
• OAuth flow: Try disconnecting and re-authorizing. If the refresh token was revoked (e.g., you disconnected the app from Dropbox settings), you’ll need to authorize again.
• Verify your App Key and App Secret are correct and belong to the same app.

Missing credentials

• Generated access token: Ensure the field is filled in with no leading/trailing whitespace.
• OAuth flow: Ensure both App Key and App Secret are filled in. If the authorization browser window didn’t appear, check that your firewall isn’t blocking localhost connections.

”Quota exceeded” errors

• You’ve run out of Dropbox storage. Free accounts have 2 GB.
• Empty your Dropbox Trash — deleted files still count toward your quota until the trash is emptied.
• Upgrade your Dropbox plan or remove files to free up space.

Insufficient permissions

• Verify all required scopes are enabled in the Permissions tab.
• If you changed permissions after generating your token or authorizing via OAuth, the existing credentials retain their old scopes. You must generate a new token or re-authorize.

Files not appearing

• Refresh the file list in Blober.
• If using App folder access, files outside the app’s folder are not visible.
• Check that the files exist in the Dropbox web app at dropbox.com.

Slow uploads

• Large files are uploaded in 10 MB chunks — this is normal and ensures reliability and low memory usage.
• Check your network speed — uploads are network-bound, not CPU-bound.
• Dropbox may throttle uploads during high-traffic periods. Blober handles this automatically via retry.

Uploads failing mid-way

• If an upload session fails partway through (e.g., network drops), the entire upload is retried from the beginning. Dropbox upload sessions cannot be resumed after an error.
• Check your network stability for very large files (400 MB+).

How to revoke access

1. Go to Dropbox account settings
2. Find your app and click “Disconnect”
3. In Blober, remove the existing connection

Revoking access invalidates all tokens immediately — both generated access tokens and OAuth refresh tokens.

Limitations

Storage quotas

Plan	Storage
Free (Basic)	2 GB
Plus	2 TB
Professional	3 TB
Business	5 TB+ per user

API limits

Limit	Value
Simple upload max file size	150 MB
Upload session append max per request	150 MB
Upload session max total file size	350 GB
Upload session expiry	7 days (not a concern — uploads complete in minutes)
Rate limiting	Automatic retry with Retry-After (up to 10×)
Data transport (Dropbox Business)	Monthly API call quotas may apply — contact your admin

Path limits

• Maximum path length: 260 characters
• Individual file/folder names: up to 255 characters

Other limitations

• No cross-provider copy/move: Copy and move only work within the same Dropbox account. To transfer files between Dropbox and another provider, use a workflow with upload + download.
• Case-insensitive paths: Dropbox treats /Photos/IMG.jpg and /photos/img.jpg as the same file. Be careful when migrating from case-sensitive storage providers.

Terms Compliance

Your use of Dropbox through Blober is subject to Dropbox’s Terms of Service. See our Terms of Service for details.

External References

• Dropbox App Console — create and manage your app
• Dropbox API v2 Documentation — full API reference
• Dropbox Plans & Pricing — storage limits by plan