Dropbox MCP | Oauth 2.0 Dropbox connector for AI agents

Tools your document agent reaches for on Dropbox, scoped per user.

CALL ANY TOOL

List and search files, download or upload content, create shared links, and inspect folder structure.

dropbox_files_list

List files

List files and folders at a Dropbox path with pagination.

Parameters

Name

Type

Required

Description

path

string

Required

Dropbox path (empty string for root)

recursive

boolean

Optional

Recurse into subfolders

limit

integer

Optional

Max entries per page

dropbox_file_get

Get file metadata

dropbox_file_download

Download file

dropbox_file_upload

Upload file

dropbox_shared_link_create

Create shared link

dropbox_search

Search files

Build your Agent

Drop the toolkit in, point it at the user, and your document agent can use Dropbox from the first run.

Copied

import { ScalekitClient } from "@scalekit-sdk/node";
import { DynamicStructuredTool } from "@langchain/core/tools";
import { createReactAgent } from "@langchain/langgraph/prebuilt";
import { z } from "zod";

const sk = new ScalekitClient(envUrl, clientId, clientSecret);

const { tools } = await sk.tools.listScopedTools("user_123", {
  filter: { connectionNames: ["dropbox"], toolNames: ["dropbox_files_list", "dropbox_file_get", "dropbox_file_download"] },
  pageSize: 100,
});

const lcTools = tools.map((t) => new DynamicStructuredTool({
  name: t.tool.definition.name,
  description: t.tool.definition.description,
  schema: z.object({}).passthrough(),
  func: async (args) => {
    const { data } = await sk.tools.executeTool({
      toolName: t.tool.definition.name,
      identifier: "user_123",
      params: args,
    });
    return JSON.stringify(data);
  },
}));

const agent = createReactAgent({ llm, tools: lcTools });

Copied

import { ScalekitClient } from "@scalekit-sdk/node";
import OpenAI from "openai";

const sk = new ScalekitClient(envUrl, clientId, clientSecret);
const openai = new OpenAI();

const { tools } = await sk.tools.listScopedTools("user_123", {
  filter: { connectionNames: ["dropbox"], toolNames: ["dropbox_files_list", "dropbox_file_get", "dropbox_file_download"] },
  pageSize: 100,
});

const llmTools = tools.map((t) => ({
  type: "function",
  function: {
    name: t.tool.definition.name,
    description: t.tool.definition.description,
    parameters: t.tool.definition.input_schema,
  },
}));

const resp = await openai.responses.create({
  model: "gpt-4o", input: prompt, tools: llmTools,
});

import { ScalekitClient } from "@scalekit-sdk/node";
import Anthropic from "@anthropic-ai/sdk";

const sk = new ScalekitClient(envUrl, clientId, clientSecret);
const anthropic = new Anthropic();

const { tools } = await sk.tools.listScopedTools("user_123", {
  filter: { connectionNames: ["dropbox"], toolNames: ["dropbox_files_list", "dropbox_file_get", "dropbox_file_download"] },
  pageSize: 100,
});

const llmTools = tools.map((t) => ({
  name: t.tool.definition.name,
  description: t.tool.definition.description,
  input_schema: t.tool.definition.input_schema,
}));

const msg = await anthropic.messages.create({
  model: "claude-sonnet-4-6", max_tokens: 1024,
  tools: llmTools,
  messages: [{ role: "user", content: prompt }],
});

Copied

import { Agent } from "@google/adk/agents";
import {
  MCPToolset, StreamableHTTPConnectionParams,
} from "@google/adk/tools/mcp";

const toolset = new MCPToolset({
  connectionParams: new StreamableHTTPConnectionParams({
    url: "https://mcp.scalekit.com/dropbox",
    headers: { Authorization: `Bearer ${userScopedToken}` },
  }),
});

const agent = new Agent({
  name: "agent", model: "gemini-2.0-flash",
  tools: await toolset.getTools(),
});

Try these prompts

Paste any prompt into your agent to start using Dropbox.

Search & recall

Copy the prompt

Copied

Find all files matching [keyword].

Copy the prompt

Copied

List files in [folder path].

Copy the prompt

Copied

Get metadata for [file name].

Copy the prompt

Copied

Show all shared links in [folder].

Action & sharing

Copy the prompt

Copied

Upload [filename] to [folder path].

Copy the prompt

Copied

Create a shared link for [file] (view-only).

Copy the prompt

Copied

Download [file path].

Copy the prompt

Copied

Move [file] to [folder].

Folders & audits

Copy the prompt

Copied

List subfolders of [path].

Copy the prompt

Copied

Which files were edited this week?

Copy the prompt

Copied

Find files larger than 100MB in [folder].

Copy the prompt

Copied

List all files shared externally this month.

SEE HOW AUTH WORKS

Users authorize Dropbox once. Their credentials stay vaulted, every call is checked, and every action is logged.

Authorize

Your user connects

Dropbox

once. We tie it to their identity and the meetings they approved — no shared bot account, no org-wide access

Who:

user ‘A’

when:

Once per user

access:

Limited to user

Store

Their

Dropbox

token lives in a vault scoped to them. User A's meetings are never reachable by an agent acting for user B, even on the same connection

vault:

encrypted

scope:

per-user

tokens:

auto-refreshed

Resolve

When your agent calls a

Dropbox

tool, we fetch the right token server-side. It never touches your agent, never appears in the LLM context, never shows up in your logs

speed:

~40ms

check:

before every call

seen by:

nobody

Audit

Every

Dropbox

tool call is logged — who triggered it, which meeting was fetched, what came back. 90 days of history, tied to the user who authorized it

history:

90 days

export:

SIEM-ready

logged:

every call

Test other agents

Same per-user auth pattern across other document agents and MCP connectors. Working code, live demos, fork what fits.

SUPPORT

Support triage agent

Read Zendesk tickets, fetch runbooks from Notion, and route to the right Slack channel with a drafted response.

SUPPORT

Support ticket automation (Google ADK)

Google ADK agent that classifies Zendesk tickets, pulls Notion context, and posts to Slack. End-to-end ticket handoff.

Why Scalekit

Secure your agent's access. Connectors ship in minutes

Other connector libraries treat auth as a demo afterthought. Scalekit starts with user identity, scope enforcement, and audit.

01.

Files accessed from the wrong user identity

A shared Dropbox OAuth token looks fine in a demo. In production, every file download and shared link creation is attributed to the service account. Folder ACLs collapse. Scalekit resolves the actual user's token so file access runs under the right identity.

// shared OAuth token
token = "sl_dropbox_shared_xxx"
audit → bot_service_account
acl_filter → broken

// scalekit · per-user
token = resolve(user_id)
audit → user_abc
scope → enforced ✓

02.

Authentication is not authorization

03.

Multi-tenancy is architectural

04.

Dropbox today. Others tomorrow.

“Our agents act across Salesforce, Gong, Google Drive, and more, on behalf of every customer. Scalekit behind the scenes meant we can keep adding tools without ever rebuilding how credentials or tool calling work.”

Venu Madhav Kattagoni

Head of Engineering / Von

On this page

Tool and actions Framework Compatibility Starter Prompt Auth Lifecycle Try Other Agents Why Scalekit

Frequently Asked Questions

Does the agent access Dropbox as the user or as a shared key?

As the user. Each workspace member authorizes once and Scalekit resolves their credential at request time. Audit logs attribute every action to that user, not a shared service account.

Where is the Dropbox oauth 2.0 stored?

Can I limit what the agent is allowed to do in Dropbox?

What happens when a user revokes Dropbox access?

Can the agent access team folders the user has since left or been removed from?

Start in your coding agent

Up and running in one command

Install the Scalekit skill in your editor of choice. Connector, auth, tools, prompt, all wired up

Claude Code REPL

Copy Copied

/plugin marketplace add scalekit-inc/claude-code-authstack
/plugin install agentkit@scalekit-auth-stack

Cursor Code REPL

Copy Copied

# ~/.cursor/mcp.json
{
""mcpServers"": {
""dropbox"": {
""url"": ""https://mcp.scalekit.com/dropbox"",
""headers"": { ""Authorization"": ""Bearer $SCALEKIT_TOKEN"" }
}
}
}

Codex Code REPL

Copy Copied

# ~/.codex/config.toml
[mcp_servers.dropbox]
url = ""https://mcp.scalekit.com/dropbox""
auth_env = ""SCALEKIT_TOKEN""

Copilot Code REPL

Copy Copied

# .vscode/mcp.json
{
""servers"": {
""dropbox"": {
""url"": ""https://mcp.scalekit.com/dropbox"",
""type"": ""http""
}
}
}