Dropbox authentication strategy for Passport.

NOTE: Dropbox continues to support OAuth 1.0, but OAuth 2.0 is now preferred. Developers are encouraged to use passport-dropbox-oauth2 when developing new applications.


Passport strategy for authenticating with Dropbox using the OAuth 1.0 API.

This module lets you authenticate using Dropbox in your Node.js applications. By plugging into Passport, Dropbox authentication can be easily and unobtrusively integrated into any application or framework that supports Connect-style middleware, including Express.

$ npm install passport-dropbox

The Dropbox authentication strategy authenticates users using a Dropbox account and OAuth tokens. The strategy requires a verify callback, which accepts these credentials and calls done providing a user, as well as options specifying a consumer key, consumer secret, and callback URL.

passport.use(new DropboxStrategy({
    consumerKey: DROPBOX_APP_KEY,
    consumerSecret: DROPBOX_APP_SECRET,
    callbackURL: ""
  function(token, tokenSecret, profile, done) {
    User.findOrCreate({ dropboxId: }, function (err, user) {
      return done(err, user);

Use passport.authenticate(), specifying the 'dropbox' strategy, to authenticate requests.

For example, as route middleware in an Express application:


  passport.authenticate('dropbox', { failureRedirect: '/login' }),
  function(req, res) {
    // Successful authentication, redirect home.

Developers using the popular Express web framework can refer to an example as a starting point for their own web applications. The example shows how to authenticate users using Twitter. However, because both Twitter and Dropbox use OAuth 1.0, the code is similar. Simply replace references to Twitter with corresponding references to Dropbox.

$ npm install --dev
$ make test

The MIT License

Copyright (c) 2011-2013 Jared Hanson <>