Skip to content

Dropbox App OAuth Token

Service Name: Dropbox

Service Description: Dropbox is a cloud storage service that allows users to store files online and synchronize them across devices. It offers file storage, sharing, and collaboration features for individuals and businesses.

Service Address: https://www.dropbox.com/

Validation Type: API Auth

IP Allow list: IP restrictions can be configured at the team level for Dropbox Business accounts, but not directly for individual OAuth tokens.

Secret Access Scope: Grants programmatic access to Dropbox accounts and files according to the scopes defined during OAuth authorization. Can allow reading, writing, and managing files and folders in a Dropbox account.

Secret Revokement URL: https://www.dropbox.com/account/security

Secret Example: sl.BXhU2tpFVxxx_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

Suspicious Activity Investigation Instructions:

  • Review the Dropbox account's recent activity log for unauthorized file access or modifications.
  • Check for unfamiliar devices or locations that have accessed the account.
  • Examine file sharing settings to ensure no unauthorized sharing has occurred.
  • Review any third-party app integrations that may be using the OAuth token.
  • Check for unexpected file deletions, modifications, or uploads.

Mitigation Instructions:

  • Immediately revoke the compromised OAuth token by going to Dropbox account settings > Security > Connected apps and devices.
  • Generate a new OAuth token with appropriate scopes if the integration is still needed.
  • Review and update password for the associated Dropbox account.
  • Enable two-factor authentication if not already enabled.
  • Review and remove any unnecessary third-party app integrations.
  • Check file version history to restore any modified or deleted files.
  • Monitor account activity for a period after the incident to ensure no further unauthorized access.