Skip to content

Connector Overview

  • File Access Manager Connector for Dropbox for Business uses the Dropbox Business API for event monitoring, identity, and permissions collection.

  • The Dropbox Business and Core APIs uses the OAuth 2.0 authorization protocol to authenticate and authorize API requests.

  • SecurityIQ for Dropbox Connector is a registered Dropbox App, which requires a short authorization process to use the Dropbox Business API during the definition of the Dropbox application.

  • After the initial authorization process, File Access Manager handles the OAuth token management automatically and refreshes the token if needed.

Capabilities

This connector enables you to use File Access Manager to access and analyze data stored in DropBox and do the following:

  • Analyze the structure of your stored data.

  • Monitor user activity in the resources.

  • Classify the data being stored.

  • Verify user permissions on the resources, and compare them against requirements.

  • Manage access fulfillment - automated granting and revoking of access, according to rules set in File Access Manager.

  • Identity collector – collect IAM users, groups and roles and the connections between them.

See the File Access Manager documentation for a full description.

DropBox Connector Installation Flow Overview

To install the DropBox connector:

  1. Configure all the prerequisites.

  2. Add a new DropBox application in the File Access Manager website.

  3. Install the relevant services:

    • Activity Monitor

Note

DropBox currently does not support the Cloud-Ready architecture for permissions collection and data classification. Permission collection and data classification tasks will run on the central engine services associated with the application, regardless of whether these services have one or more collectors associated with the central engine.

Permissions Collection Operation Principles

Dropbox Permissions Collection task uses Dropbox Content API to retrieve information from the DropBox application.

File Access Manager creates a Dropbox Identity Collector automatically at the end of the Add New Application wizard, which collects the Users and Groups from Dropbox.

Monitored Activities

Monitored events are as defined in the Dropbox Business API specification.

Note

This published event list is not comprehensive. Due to Dropbox API being under migration to v2, the documentation currently available on the website is incomplete. File Access Manager supports all event types.

Some events are excluded by default. To modify which event types are excluded, edit the excludedEventTypes value in the WBX.DropboxBAMHost.dll.config file.