When you link your Dropbox account, you enable us to help you securely access and organize your files. This article explains what happens during the linking process, what permissions we use, and how shared folders and files are handled—especially in team or business Dropbox environments.
Understanding Shared Files and Folders
Dropbox supports two sharing models:
Shared Folders: These are folders shared with other individuals or groups. Files and subfolders within these inherit access from the parent folder unless explicitly shared separately.
Note: Dropbox does not automatically generate shared links upon creation of a new folder or file. Shared links must be created manually or through an API call.
Directly Shared Files: These are files individually shared without being placed inside a shared folder.
Our platform identifies both models and surfaces access rights based on Dropbox metadata, including inherited access, group sharing, and external link visibility.
Note: File and folder sharing may include inherited permissions, group access, and shared links, which can affect visibility and access in subtle ways.
Why Some Shared Items May Not Appear Right Away
In enterprise Dropbox environments, there are technical limitations and syncing behaviors that may affect when and how files and folders appear after integration. Common causes for missing or delayed visibility include:
Mounting Requirements: Shared folders must be actively added (or "mounted") to a user’s Dropbox account before they become fully visible through the API.
Pending Invitations: Shared content will not appear unless the recipient has accepted the share invitation.
Metadata Delays: Dropbox may take several minutes to reflect changes in permissions, shared status, or new access.
API Limitations: Dropbox does not expose folder sizes, updated timestamps for folders, or remote creation timestamps for files or folders. Additionally, deleted files or folders are not returned with their identifiers, making change tracking difficult.
Link-based Sharing: Items shared via public links (rather than direct access) may not expose full metadata and permissions.
Recommendations:
Ensure users have accepted shared folder invitations and added them to their Dropbox
Recheck content after a brief delay to account for metadata propagation
Cross-reference content visibility with known folder structures and direct shares
External Collaborators and Teams
If you’re part of a Dropbox Business team, shared content might include people outside your organization.
Why We May Ask for Additional Permissions
To support features like showing folder membership or file sharing settings, our app may prompt you to grant additional Dropbox permissions. These are strictly used to:
Read who has access to a file or folder
Detect if items are part of a shared folder or directly shared
Identify external collaborators
Permissions Sync Limitation for Non-Admins
Why are permission changes not always reflected in Dropbox syncs?
Our system relies on Dropbox's Team Event Log API (/team_log/get_events
) to track file and folder permission changes across your organization. However, this API is only accessible to users with admin-level access via a team-scoped access token.
If you're not an admin, Dropbox does not provide permission to access this event log. As a result:
Changes to sharing settings (e.g., new collaborators, removed users, link access changes) may not be captured during regular syncs.
Non-admin users will still see their own file/folder access, but won't be able to detect changes made by others.
To ensure accurate syncing of permission updates, we recommend connecting Dropbox using an admin account with the appropriate team access permissions.