Zimbra Dropbox integration (Admin guide)

This guide will take you through the steps to set-up the Dropbox integration in Zimbra. Once you have completed the steps in this guide you can follow the end-user guide at https://wiki.zimbra.com/wiki/Dropbox_integration_end_user_guide for the final OAuth set-up.

Create a Dropbox Application (OAuth)

To be able to use the Dropbox integration you have to create a Dropbox account, the basic free plan will work with this integration.

Go to https://www.dropbox.com/developers/apps/ and click create app:

image

Configure the app using Scoped access, select Full Dropbox access and give your app a unique name and click Create App:

image

Once your app is created go to the Settings tab and configure your Redirect URL:

Put your Zimbra domains under Chooser/saver domains section.

image

In the app Permissions tab select the following scopes:

  • account_info.write
  • account_info.read
  • files.metadata.write
  • files.metadata.read
  • files.content.write
  • files.content.read
  • sharing.write
  • sharing.read
  • file_requests.write
  • file_requests.read
  • contacts.write
  • contacts.read

And click submit:

image

In the Branding tab you can set optional App description and icon.

Go back to the settings tab and: Click Enable additional users so that others may authorize with the app. Then copy the App key and App secret for configuring Zimbra.

image

Setting up Zimbra

From the command line run the following command to install the Dropbox Zimlet:

apt install -y zimbra-zimlet-dropbox

From the command line as the user zimbra run the following commands:

zmprov mcf +zimbraOAuthConsumerRedirectUri 'https://PUT-YOUR-ZIMBRA-SERVER-DOMAIN-HERE/service/extension/oauth2/authenticate/dropbox:dropbox'
zmprov mcf +zimbraOAuthConsumerCredentials 'PUT-APP-KEY-HERE:PUT-APP-SECRET-HERE:dropbox'

Finally restart mailbox to load the Zimlet by running as user zimbra:

zmmailboxdctl restart

In case you have configured Zimbra to use a Strict same site cookie restriction, this has to be reverted by running the following command as user zimbra:

/opt/zimbra/bin/zmlocalconfig -e zimbra_same_site_cookie=""

Typically if the same site cookie restriction is set to Strict the user will see a login screen after allowing Zimbra to access the Dropbox app. But even after signing on again the Dropbox integration will not be activated. In the mailbox log (/opt/zimbra/log/mailbox.log) you will see the following:

2023-05-10 05:21:36,776 ERROR [qtp2138564891-84:https://mail.zimbra.tech/service/extension/oauth2/authenticate/dropbox?code=ihvIiCKLSO4AAAAAAAAAGBTxfo_wGZg3VngTnK6f24g&state=%2Fmodern%2FdropboxAuthCompleted%3Bnoop] [] extensions - An oauth application error occurred. : permission denied: 401: must authenticate

For debugging purpose you can copy/paste the URL from the log, to the browser of the authenticated user to activate the app. If this works, it means you have not unset the same site cookie restriction correctly or you have a cache issue. Restart Zimbra and flush the browser cache and try again.

An OAuth application error has occurred

This error will be shown in case the OAuth scope on the Dropbox app is not set or does not have all the required access rights, add at least the 12 mentioned in the steps above.

Connect Zimbra with Dropbox and use the integration

These steps have to be done by each end-user (only once) and are described in: https://wiki.zimbra.com/wiki/Dropbox_integration_end_user_guide

, ,

Comments are closed.

Copyright © 2022 Zimbra, Inc. All rights reserved.

All information contained in this blog is intended for informational purposes only. Synacor, Inc. is not responsible or liable in any manner for the use or misuse of any technical content provided herein. No specific or implied warranty is provided in association with the information or application of the information provided herein, including, but not limited to, use, misuse or distribution of such information by any user. The user assumes any and all risk pertaining to the use or distribution in any form of any subject matter contained in this blog.

Legal Information | Privacy Policy | Do Not Sell My Personal Information | CCPA Disclosures