Dropbox’s API Gets A Security Boost (And Is Now Web-Friendly)

Red-hot startup Dropbox — you know, the file syncing service that just raised $250 million at a $4 billion valuation — has announced something this week that’s getting slightly less attention than its massive funding round, but is exciting all the same: the company has released an improved version of its APIs, making the service better both in native apps (on mobile devices) and web apps alike.

Dropbox first launched its API in May 2010, and it’s been implemented in loads of mobile app since then. But it’s had a few issues that have been remedied with the new version of the API.

For one, it’s now adding support for ‘app folders’. Prior to this update, if you wanted to let a third-party app hook into your Dropbox account, you’d be giving it access to your entire account — which didn’t necessarily make sense for, say, a camera app. Now apps will be able to associate themselves with a single folder (which the user can move and rename as they’d like), without having to hand over the keys to the kingdom.

Likewise, security has now been beefed up using an authentication system that doesn’t require you to enter your credentials within a third party app itself. Instead, when you go to authenticate with an app, you’ll be swapped over to either the mobile web version of Dropbox or your native Dropbox app (Facebook and some other services use a similar mechanism).

The API also gives third party applications access to the versioning/revision system that Dropbox uses, which’ll let users jump back to previous versions of files and undelete them.

Finally, while the original version of the API was made primarily for native mobile apps, this new version works for web apps (including those on the desktop) as well.

Update: A previous version of this post said the security updates and other features applied to only mobile eapps, but they’re actually relevant to any app built using the Dropbox API (including web apps).