OAuth Overview

Apps that want to use the Dropbox Sign API to perform actions (i.e. sending signature requests) or access data on behalf of their users need to get their user's consent. Each user must complete an OAuth flow, where they grant permission for your app to interact with their Dropbox Sign data. Dropbox Sign uses OAuth 2.0 so that users can securely grant access to apps built with the Dropbox Sign API.

Build With OAuth

This page contains overview information about Dropbox Sign and OAuth. For information around implementation, please review our OAuth Walkthrough.

Access Tokens

Once a user completes an OAuth flow and grants permission to connect your app, an access token is returned to your app. That access token is is authorized to call the Dropbox Sign API on that user's behalf. The access token can be used to send API calls by setting the HTTP header Authorization: Bearer <oauth2-access-token>.

Copy

Copied

ACCESS_TOKEN=ACCESS_TOKEN_GRANTED_BY_OAUTH
curl 'https://api.hellosign.com/v3/signature_request/list' \
   -H "Authorization: Bearer ${ACCESS_TOKEN}"

Billing Model

Dropbox Sign apps using OAuth must select one of the following billing models:

"Charge users" -- full access apps that charge the user you're sending calls on behalf of.
"Charge me" -- limited access apps that charge you, the app owner.