Dropbox
Last reviewed: 4 months ago
This guide covers how to configure Dropbox ↗ as a SAML application in Cloudflare Zero Trust.
- An identity provider configured in Cloudflare Zero Trust
- Admin access to a Dropbox Advanced, Business Plus, or Enterprise account
- In Zero Trust ↗, go to Access > Applications.
- Select Add an application > SaaS > Select.
- For Application, select
Dropbox
. - For the authentication protocol, select SAML.
- Select Add application.
- Fill in the following fields:
- Entity ID:
Dropbox
- Assertion Consumer Service URL:
https://www.dropbox.com/saml_login
- Name ID format: Email
- Entity ID:
- Copy the SSO endpoint and Public key.
- Select Save configuration.
- Configure Access policies for the application.
- Select Done.
- Paste the Public key in a text editor.
- Wrap the certificate in
-----BEGIN CERTIFICATE-----
and-----END CERTIFICATE-----
. - Set the file extension as
.pem
and save.
- In Dropbox, go to your profile picture > Settings > Admin Console > Security > Single sign-on.
- For Single sign-on, select Optional.
- Select Add Identity provider sign-in URL.
- Paste the SSO endpoint from application configuration in Cloudflare Zero Trust and select Done.
- Select Add X.509 certificate and upload the
.pem
file from step 2. Create a certificate file. - Copy SSO sign-in URL. This is your custom Dropbox SSO URL.
- Select Save.
-
Open an incognito browser window and go to your custom Dropbox SSO URL. You will be redirected to the Cloudflare Access login screen and prompted to sign in with your identity provider.
-
After this is successful, you may want to require users to log in via SSO. Go to your profile picture > Settings > Admin Console > Security > Single sign-on. For Single sign-on, select Required. Dropbox will send an email to your users notifying them of the change.