Add, List, and Remove a File Member

Learn how to add a new file member, get a list of all members with access to a file, and remove a specific file member using the Dropbox API.

We'll cover the following

In this lesson, we’ll learn about the sharing namespace offered by the Dropbox API. The endpoints of this namespace are used to create and manage shared links and folders. We’ll explore the following operations in this lesson:

  • add_file_member
  • list_file_members
  • remove_file_member_2

Note: The endpoints of the sharing namespace only support applications with full Dropbox access. For example, if you’ve created an application that has “App folder” access, then the “sharing” endpoint won’t work.

Add a member to a file

The /sharing/add_file_member endpoint adds a user to a file. This endpoint requires us to enable the sharing.write permission to perform this task.

Request parameters

Let’s see which parameters we can pass to this endpoint call.

Parameter Name

Format

Required

Description

file

String

Yes

Defines the file to which we want to add a member. We can use the name of the file with the complete path or ID of a file.

members

String

Yes

List of users that we want to add to the file we indicated in the previous parameter. Members can be specified by their Dropbox ID or email address.

custom_message

String

No

We can include a message to be sent to the newly added member.

quiet

Boolean

No

Tells us how the member should be notified (for example, by email or device notifications). By default, it’s set to False.

access_level

Object

No

Defines the role of our newly added member (it could be owner, editor, viewer, or viewer_no_comment). A member with viewer_no_comment rights can only view the shared file and doesn’t have access to the file’s comments. Default value is viewer.

add_message_as_comment

Boolean

No

If set to true, then the custom message will be added to the file as a comment. Default value is false.

In the code below, we’ll add a member to a file:

Press + to interact
// Define import libraries here
import fetch from 'node-fetch';
// Define API key here
const token = '{{TOKEN}}'
// Define endpoint URL here
const endpointUrl = new URL('https://api.dropboxapi.com/2/sharing/add_file_member');
// Define Header Parameters here
const headerParameters = {
  'Authorization': `Bearer ${token}`,
  'Content-Type': 'application/json',
};
// Define Body Parameters here
const bodyParameters = JSON.stringify({
  file: "/home/TestFolder/demo.png",
  members: [{".tag":"email","email":"user_id@gmail.com"}],
  custom_message: "You have been added as a viewer to this file by the admin...",
  quiet: false,
  access_level: {".tag":"viewer"},
  add_message_as_comment: false
});
// Set the API call options
const options = {
  method: 'POST',
  headers: headerParameters,
  body: bodyParameters,
};
// Function to make the API call
async function addMember() {
  try {
    const response = await fetch(endpointUrl, options);
    // Custom function for printing the API response
    printResponse(response);
  } catch (error) {
    // Custom function for printing the error message
    printError(error);
  }
}
// Call function to make the API call
addMember();

In the code above, we do the following:

  • Line 2: We import the fetch library that we need to use in our code from node-fetch.
  • Line 5: We get the value for TOKEN to use for authentication.
  • Line 8: We define the request URL.
  • Lines 11–14: We define the headers of the fetch request. It includes the authorization and the type of content, which is application/json in most cases.
  • Lines 17–24: We define the bodyParameters of the fetch request.
  • Lines 27–31: We set the API call options.
  • Lines 34–44: We create a function to make the API call. It will try to get the response and will pass the response to the custom function printResponse; otherwise, it will catch the error and will pass it to the custom function printError.
  • Line 47: We call the function addMember to make the API call.

Response

The code will return a list that includes metadata of the added member (such as their access level) and the outcome or status of this call.

Response field

Format

Description

member

String

Details of the added member.

result

String

Access level of the member.

List file members

This endpoint will give us a list of all the members that have access to the shared file. The /sharing/list_file_members endpoint requires us to enable the sharing.read permission to perform this task.

Request parameters

Let’s see some of the parameters in the table below that we’ll need to use in our practice code:

Parameter Name

Format

Required

Description

file

String

Yes

ID of the file for which we want to get a list of members.

include_inherited

Boolean

No

Tells us if we want to include members who have obtained access to a file from a shared parent folder. Default value is set to true.

limit

UInt32

No

Maximum number of members to return per query.Default value is 100.

In the code below, we’ll use the search_v2 endpoint to get the file ID for demo.png:

Press + to interact
// Define import libraries here
import fetch from 'node-fetch';
// Define API key here
const token = '{{TOKEN}}'
// Define endpoint URL here
const endpointUrl = new URL('https://api.dropboxapi.com/2/files/search_v2');
// Define Header Parameters here
const headerParameters = {
  'Authorization': `Bearer ${token}`,
  'Content-Type': 'application/json',
};
// Define Body Parameters here
const bodyParameters = JSON.stringify({
  query: "demo",
  options: {
        "path":"/home/TestFolder"
        }
});
// Set the API call options
const options = {
  method: 'POST',
  headers: headerParameters,
  body: bodyParameters,
};
// Function to make the API call
async function listMembers() {
  try {
    const response = await fetch(endpointUrl, options);
    // Custom function for printing the API response
    printResponse(response);
  } catch (error) {
    // Custom function for printing the error message
    printError(error);
  }
}
// Call function to make the API call
listMembers();

In the code above, we see the following:

  • Line 2: We import the fetch library that we need to use in our code from node-fetch.
  • Line 5: We get the value for TOKEN to use for authentication.
  • Line 8: We define the request URL.
  • Lines 11–14: We define the headers of the fetch request. It includes the authorization and the type of content, which is application/json in most cases.
  • Lines 17–22: We define the bodyParameters of the fetch request.
  • Lines 25–29: We set the API call options.
  • Lines 32–42: Function to make the API call. It will try to get the response and will pass the response to the custom function printResponse; otherwise, it will catch the error and will pass it to the custom function printError.
  • Line 45: We call the function listMembers to make the API call.

The code above will give all files with the name demo.

Press + to interact
// Define import libraries here
import fetch from 'node-fetch';
// Define API key here
const token = '{{TOKEN}}'
// Define endpoint URL here
const endpointUrl = new URL('https://api.dropboxapi.com/2/sharing/list_file_members');
// Define Header Parameters here
const headerParameters = {
  'Authorization': `Bearer ${token}`,
  'Content-Type': 'application/json',
};
// Define Body Parameters here
const bodyParameters = JSON.stringify({
  file: "{{FILE_ID}}",
  include_inherited: true
});
// Set the API call options
const options = {
  method: 'POST',
  headers: headerParameters,
  body: bodyParameters,
};
// Function to make the API call
async function listMembers() {
  try {
    const response = await fetch(endpointUrl, options);
    // Custom function for printing the API response
    printResponse(response);
  } catch (error) {
    // Custom function for printing the error message
    printError(error);
  }
}
// Call function to make the API call
listMembers();

In the code above, we do the following:

  • Line 2: We import the fetch library that we need to use in our code from node-fetch.
  • Line 5: We get the value for TOKEN to use for authentication.
  • Line 8: We define the request URL.
  • Lines 11–14: We define the headers of the fetch request. It includes the authorization and the type of content, which is application/json in most cases.
  • Lines 17–20: We define the bodyParameters of the fetch request.
  • Lines 23–27: We set the API call options.
  • Lines 30–40: We create a function to make the API call. It will try to get the response and will pass the response to the custom function printResponse; otherwise, it will catch the error and will pass it to the custom function printError.
  • Line 43: We call the function listMembers to make the API call.

Response

  • The field users indicates a list of members who have access to the shared file.
    • The access_type defines the role of the member—for example, if the member is the owner, viewer, editor, or viewer_no_comment.
    • A user defines the account information of the file member (user)—for example, their name, id, email, and so on.
    • The value is_inherited tells us if the file member was given or obtained access from the parent folder. If this is the case, then its value is true.
  • The field invitees is a list composed of members who were invited to this file but haven’t registered and/or accessed this invitation. It includes almost all the same fields included in the users list.
  • The cursor is used to fetch other members if there are other members who have not been returned in our results.

Remove a file member

Let’s remove a specific member from a file using the /sharing/remove_file_member_2 endpoint of the sharing namespace.

Request parameters

This request takes two required parameters. The first is the file parameter, which is assigned the file ID, and the second is the “member” parameter, which states the tag and email of the member to be removed.

Let’s take a look at the request parameters needed to remove the member we added to the demo.png file.

Parameter Name

Format

Required

Description

file

String

Yes

File ID or path, including the file's name, from which we want to remove a member.

member

Open Union

Yes

How we want to remove a file member. Specified by the value of tag. If it’s dropbox_id, then we have to provide the user's Dropbox ID, and if it’s email, then we can remove a member by using their email address.

In the code below, we’ll remove a specific member from a file:

Press + to interact
// Define import libraries here
import fetch from 'node-fetch';
// Define API key here
const token = '{{TOKEN}}'
// Define endpoint URL here
const endpointUrl = new URL('https://api.dropboxapi.com/2/sharing/remove_file_member_2');
// Define Header Parameters here
const headerParameters = {
  'Authorization': `Bearer ${token}`,
  'Content-Type': 'application/json',
};
// Define Body Parameters here
const bodyParameters = JSON.stringify({
  file: "/home/TestFolder/demo.png",
  member: {".tag":"email","email":"user_id@gmail.com"}
});
// Set the API call options
const options = {
  method: 'POST',
  headers: headerParameters,
  body: bodyParameters,
};
// Function to make the API call
async function removeMember() {
  try {
    const response = await fetch(endpointUrl, options);
    // Custom function for printing the API response
    printResponse(response);
  } catch (error) {
    // Custom function for printing the error message
    printError(error);
  }
}
// Call function to make the API call
removeMember();

In the code above, we do the following:

  • Line 2: We import the fetch library that we need to use in our code from node-fetch.
  • Line 5: We get the value for TOKEN to use for authentication.
  • Line 8: We define the request URL.
  • Lines 11–14: We define the headers of the fetch request. It includes the authorization and the type of content, which is application/json in most cases.
  • Lines 17–20: We define the bodyParameters of the fetch request.
  • Lines 23–27: We set the API call options.
  • Lines 30–39: We create a function to make the API call. It will try to get the response and will pass the response to the custom function printResponse; otherwise, it will catch the error and will pass it to the custom function printError.
  • Line 42: We call the function removeMember to make the API call.

Response

The code only returns the tag field with the success value.