Dropbox
Configuring the Veza integration for Dropbox
Overview
The Dropbox integration enables discovery of users, groups, folders, and files within a Dropbox Business account. Veza parses group memberships and permissions to show the full range of user access on the cloud-based content management, collaboration and file sharing service.
Access Reviews: Review user and group access to files and folders in Dropbox
Search: Search for users based on permission type or group membership
Rules and Alerts: Create rules for alerts when users are added to critical groups or new users gain access to sensitive folders
See notes and supported entities for more details.
Configuring Dropbox
Early Access: The Dropbox integration is currently provided on an early access basis. To prevent errors when authenticating with Dropbox, contact our support team to ensure the application is enabled for your Veza tenant.
Veza connects to Dropbox with an OAuth 2.0 authentication flow. You will log in to Dropbox to approve permissions for the Veza application as part of adding the integration in Veza.
Individual Permissions:
View information about members' Dropbox files and folders
View members' Dropbox sharing settings and collaborators and manually added Dropbox contacts
View basic information about members' Dropbox account such as username, email, and country
Team Permissions:
View content of and information about your team's files and folders and view and edit governance data of your team's files and folders
View your team group membership and team membership
View structure of your team's and members' folders
View basic information about your team including names, user count, and team settings
Configuring Dropbox on the Veza Platform
To add a Dropbox account for discovery:
In Veza, go to the Integrations page.
Click Add Integration and search for Dropbox. Choose it and click Next to add an integration.
Enter the required information
Click Authorize to approve the connection in Dropbox. Log in as a Dropbox administrator and click Allow to enable the integration.
Click Create Integration to save the configuration.
| Field | Notes |
|---|---|
Insight Point | Choose whether to use the default data plane or a deployed Insight Point. |
Name | A friendly name to identity the unique integration. |
Gather Private Folders | If true, enable discovery of personal folders |
Notes and Supported Entities
A Dropbox Business account (Dropbox Team) is the top level entity. A team has users (members) who can share their files and folders (resources). Permissions on the shared item can be Editor or Viewer. Users can belong to groups, which can also have permissions on files and folders.
Veza shows team-owned (or account level) folders in addition to user’s folders.
Veza creates the following Authorization Graph entities to model authorization in Dropbox:
Dropbox Tenant
Top-level entity representing a Dropbox Team.
Tenant Unique ID: Dropbox Team ID (e.g
dbtid:asdasdaskjdnajksdakjdkasgAQDLO_eiMaQ)
Dropbox User
Created at: Timestamp when the user account was created
User Unique Id: Unique identifier for the user
Email: User's email address
Groups: List of groups the user belongs to
Identity Unique Id: Unique identifier for the user's identity
Is active: Boolean indicating if the user account is active or not
Dropbox Group
Group Unique ID: Unique identifier for the group
Dropbox Group Membership
Represents a User > Group assignment in Dropbox.
Dropbox Permission
Permissions: Can be
owner,editor,viewer,viewer_no_comment,traverse,other.
Dropbox Folder
The Dropbox Folder entity represents a folder in the Dropbox file system.
Last updated