AnsweredAssumed Answered

Dropbox API Integration - allowing your users to get tokens via your app

Question asked by dsimonson on May 25, 2018

I tried out the techniques from Matt Petrowski’s video on Dropbox integration (subscription necessary)


and they worked perfectly!  I need a bit more guidance, however.  This will be a long post, hopefully what I have found out and the answers folks provide here will prove helpful to others.  I posted a version of this question to Matt via the comments on his website, I will share anything I get back from him.


I have a FM Go 16 (soon to be 17, I hope) solution that is an anesthesia electronic medical record (we call it OSAEMR, for Open Source Anesthesia Electronic Medical Record).  At the end of the anesthetic, the user can choose to print out a pdf report containing the reports of their choosing.


My printing script sucks one copy of this pdf back into the file (to be reviewed or uploaded again later if desired), and also puts another copy into the FM Go file area, so they can use the Select button, select a the day’s anesthetics, and upload them en masse.


Using the techniques Matt describes in the video, I was able to make the script also upload the pdf into a new Dropbox folder created in my Dropbox account by my Dropbox app, which I called OSAEMRtest -


My Dropbox Account/Apps/OSAEMRtest/createdpdf.pdf


As I said - it worked perfectly- for me.  I did it by generating a token at the developer page based upon my Dropbox account and pasting it into the DropboxToken custom function Matt describes and then into the script laid out in the example file.  Wonderful, I was so excited!


If I can do this for my users, they will be able to automatically print and upload their anesthetic records directly into their own copy of my App Dropbox folder, which they can then share (in a HIPAA-compatible fashion, of course, using Dropbox Business and having a Business Associate Agreement [BAA] in place) with the facility and their biller.  A _huge_ improvement for most CRNAs, who are now mailing and/or faxing this information.


I of course began investigating further into the Dropbox developer materials, but I’m a bit lost negotiating URLs vs. FileMaker scripts.  Here’s what they said:


In order to have other users connect their own Dropbox accounts, you should implement the OAuth 2 app authorization flow in your app. There's a guide here that explains how that flow works:


You can find the documentation for it here:


(If you're using an official Dropbox SDK though, refer to the specific documentation for the SDK, as it will do most of the work for you.)


Once that's implemented in your app, you can distribute your app to them to have them use it and connect their Dropbox accounts.


Each access token is for a specific app-user pair, and allows access to that user's account, to the extent allowed by the app's permission. You should not distribute your own access token to end-users. Each end-user will get their own access token via the app authorization flow.


The general idea is that the user will be redirected to Dropbox to authorize your app to access their Dropbox data. After the user has approved your app, they'll be sent back to your app with an authorization code. At this point your app will exchange the authorization code for an access token which can be used to make subsequent requests to the Dropbox API.


So - I’m thinking I need to set up a web viewer next to a button (“click here to go to Dropbox and sign up for the OSAEMR App”) such that when the user taps the button, the web viewer takes them to Dropbox, allows them to log on,  and then requests a token for my app.


I imagine that Dropbox will then send back a URL containing the token, which I then parse and put the token into a field (could I insert it into my DropboxToken custom function somehow?).  How does my app “listen” and receive the returning URL containing the token?  This part is beyond my understanding.


Once I figure that out, OSAEMR will be AMAZING! ;>)


Thanks for any help,




(PS: I am posting a version of this to FileMaker Magazine website also)