Configure Dropbox for AppFabric
Dropbox helps your organization get better work done faster by bringing your people together - no matter what they’re working on, where they’re working, or what kind of tools they happen to be using. It enables users to accelerate innovation and efficiency by providing a simple, secure way to share content. Dropbox is one place to keep life organized and keep work moving. With more than 700 million registered users across 180 countries, Dropbox is on a mission to design a more enlightened way of working.
You can use AWS AppFabric for security to audit logs and user data from Dropbox, normalize the data into Open Cybersecurity Schema Framework (OCSF) format, and output the data to an Amazon Simple Storage Service (Amazon S3) bucket or an Amazon Data Firehose stream.
AppFabric support for Dropbox
AppFabric supports receiving user information and audit logs from Dropbox.
Prerequisites
To use AppFabric to transfer audit logs from Dropbox to supported destinations, you must meet the following requirements:
-
You must have a Dropbox Business account. For more information about creating or upgrading to a Dropbox Business account, see Dropbox Business
on the Dropbox website. -
You must have a user with the Team Admin role in your Dropbox account. For more information about roles, see How to change admin rights for your Dropbox team
on the Dropbox Help Center website.
Rate limit considerations
Dropbox imposes rate limits on the Dropbox API. For
more information about the Dropbox API rate limits, see Rate
limits
Data delay considerations
You might see up to a 30-minute delay for an audit event to be delivered to your
destination. This is due to delay in audit events made available by the application
as well as due to precautions taken to reduce data loss. However, this might be
customizable at an account-level. For assistance, contact AWS Support
Connecting AppFabric to your Dropbox account
After you create your app bundle within the AppFabric service, you must authorize AppFabric with Dropbox. To find the information required to authorize Dropbox with AppFabric, use the following steps.
Create an OAuth application
AppFabric integrates with Dropbox using OAuth. To create an OAuth application in Dropbox, use the following steps:
-
Choose Create app in the Dropbox App Console at https://www.dropbox.com/developers/apps
. -
On the new application configuration page, choose Scoped access for the API.
-
Next, select Full Dropbox for the type of access.
-
Name your OAuth application, and then chose Create app to complete the initial OAuth application setup.
-
On the application info page, add a redirect URL with the following format in the OAuth2 redirect URIs field.
https://
<region>
.console.aws.amazon.com/appfabric/oauth2In this URL,
is the code for the AWS Region in which you configured your AppFabric app bundle. For example, the code for the US East (N. Virginia) Region is<region>
us-east-1
. For that Region, the redirect URL ishttps://
.us-east-1
.console.aws.amazon.com/appfabric/oauth2 -
Choose Add.
-
Copy and save your app key and app secret for use in the AppFabric app authorization.
-
You can leave all other fields on the Settings tab with their default values.
Required scopes
You must add the following scopes to your Dropbox app using the Permissions tab on the app info screen:
-
account_info.read
-
team_data.member
-
events.read
-
members.read
-
team_info.read
Choose Submit after you are done.
App authorizations
Tenant ID
AppFabric will request your tenant ID. Enter any value that uniquely identifies your Dropbox account, such as team name.
Tenant name
Enter a name that identifies this unique Dropbox account. AppFabric uses the tenant name to label the app authorizations and any ingestions created from the app authorization.
Client ID
AppFabric will request a client ID. The client ID in AppFabric is your Dropbox app key. To find your Dropbox app key, use the following steps:
-
Navigate to the Dropbox App Console at https://www.dropbox.com/developers/apps
. -
Find the app that you use to connect AppFabric.
-
Find the app key in the Status section of the app’s info page.
-
Enter the app key for your Dropbox app into the Client ID field in AppFabric.
Client secret
AppFabric will request a client secret. The client secret in AppFabric is your Dropbox app secret. To find your Dropbox app secret, use the following steps:
-
Navigate to the Dropbox App Console at https://www.dropbox.com/developers/apps
. -
Find the app that you use to connect AppFabric.
-
Find the app secret in the Status section of the app’s info page.
-
Enter the app secret for your Dropbox app into the Client Secret field in AppFabric.
Approve authorization
After creating the app authorization in AppFabric, you will receive a pop-up window from Dropbox to approve the authorization. To approve the AppFabric authorization, choose Allow.