How to connect Dropbox with Microsoft Entra ID

Admins Updated Jun 02, 2026

In this article

person icon

The information in this article applies to admins on Dropbox Standard, Business, Advanced, Business Plus, and Enterprise in Windows.


The Dropbox integration with Microsoft Entra ID, formerly known as Microsoft Azure AD, helps you manage your Dropbox team account from Microsoft Entra ID. When you use Dropbox with Microsoft Entra ID. With this integration, you can:

  • Configure single sign-on (SSO) for your Dropbox team account
  • Manage provisioning and deprovisioning Dropbox team members users through Entra ID
     

Requirements

Before you begin, make sure you have:

  • An admin account on Dropbox team
  • A Microsoft Entra subscription
  • An Entra ID user account with a valid email address

To configure SSO and provisioning, complete each section in this article in order.

If you don't want to set up SSO, stop after Provision users to your Dropbox Business team.

highlighter icon

Note: The steps in this article use the current Microsoft Entra admin center.

How to add Dropbox to Microsoft Entra ID

First, add the Dropbox team integration to Microsoft Entra ID:

  1. Log in to the Microsoft Entra admin center. 
  2. Click Applications on the left tab.
  3. Click Enterprise Applications.
  4. Click New Application.
  5. Choose Dropbox for Business from the All category.
  6. Click Add.

How to create your test user

Before rolling out SSO and provisioning to your organization, create a test user to verify that the integration works as expected.

Your test user must have a valid email address that you can access.

To create a test user:

  1. In the Microsoft Entra admin center, go to Quick Start.
  2. Click Assign a user for testing (required).
  3. Click Add user, then choose one or more users.  
  4. Save your changes.
  5. On the Quick Start page, click Create your test user in Dropbox for Business (required)
  6. Select Provisioning Mode: Automatic.
  7. Click Authorize.
  8. When you're redirected to dropbox.com, click Allow to authorize Microsoft Entra ID.
  9. Click Test Connection to verify that Entra ID was successfully authorized.
     

How to provision users to your Dropbox team account

You can provision users automatically through Microsoft Entra ID or manage them manually from the Dropbox admin console.

  1. In the Microsoft Entra admin center, go to Quick Start.
  2. Click Create your test user in Dropbox for Business (required).
  3. Under Provisioning Status, select:
    • On: Automatically provision users from Microsoft Entra ID
    • Off: Manually provision users from the Dropbox admin console
  4. Under Scope, choose one of the following:
    • Sync only the assigned users and groups (Recommended): Only assigned users and groups are provisioned.
    • Sync all users and groups: All users and groups are provisioned.
  5. Click Save.
     

If provisioning is turned on

  • Any users you provision appear on the Members page in the Dropbox admin console.
  • Team members must accept their invitation before joining the team.
  • Team members appear under the Active or Invited filters.
  • Beneath the members list, you can see Members managed by Windows Entra ID.
     

If provisioning is turned off

  • You can invite users to your team from the Dropbox admin console.
     

How to sync groups from Microsoft Entra ID

highlighter icon

Note: Group sync requires Microsoft Entra ID Premium.

The same groups you have with AD can sync into Dropbox with the newest version of the Microsoft Entra ID Connector.

How to configure single sign-on

To use Microsoft Entra ID as a single sign-on (SSO) provider for your Dropbox team account, configure SSO in both apps.

To connect Dropbox Business and Microsoft Entra ID, you'll need:

  • A unique sign-in URL from Dropbox
  • A unique sign-in URL from Microsoft Entra ID
  • A unique sign-out URL from Microsoft Entra ID
  • A 509 certificate from Microsoft Entra ID

It’s easiest if you keep both dropbox.com and the Microsoft Entra admin center open in your web browser.


Copy the Dropbox SSO sign-in URL

  1. Log in to dropbox.com with your admin credentials.
  2. Click Admin console in the left sidebar.
  3. Click Settings.
  4. Click the Security tab.
  5. Under Authentication, click Copy link to the right of SSO sign-in URL.

Configure Microsft Entra ID

  1. Log in to the Microsoft Entra admin center.
  2. Choose the Dropbox team app.
  3. On the Quick Start page, click Configure single sign-on (required).
  4. Set Mode to SAML-based Sign-on.
  5. Paste the Dropbox SSO sign-in URL into the Sign on URL field.
  6. In the Identifier field enter Dropbox.
  7. In the Reply URL field enter https://www.dropbox.com/saml_login.
  8. Click Certificate (Base64) to download and save the SAML Signing Certificate.
  9. Click Configure Dropbox for Business to open the configuration guide. Copy the Login URL and Logout URL. Keep these URLs available, you’ll need them to finish configuring the integration.
  10. Click Save.

Enable SSO in Dropbox

  1. Log in to dropbox.com with your admin credentials.
  2. Click Admin console in the left sidebar.
  3. Click Settings.
  4. Click Single Sign-On.
  5. Click the Security tab.
  6. Under Authentication, click the dropdown to the right of Single sign-on and select either: 
    • Optional (for testing): Allows users to use either SSO or their username and password when logging in.
    • Required (for production): Admins will always have the option of using a username and password when logging in.
  7. Click Add to the right of Identity provider sign-in URL, enter the login URL provided by Microsoft Entra ID, then click Done.
  8. Click Add to the right of Identity provider sign-out URL, enter the logout URL provided by Microsoft Entra ID, then click Done.
  9. Click Add to the right of X.509 certificate, then upload the SAML Signing Certificate downloaded from Microsoft Entra ID.
  10. Click Save.

How to test single sign-on

Check that SSO is set up correctly by testing the connection between Dropbox for Business and Microsoft Entra ID.

Log out of your Dropbox team admin account and try logging in as your test team member using SSO:

  1. If you’re logged in to your admin account on dropbox.com, click your avatar in the top-right corner and choose Log out.
  2. Log in to dropbox.com using a user assigned for testing in Microsoft Entra ID.
  3. Click Continue.
  4. You’re redirected to the Microsoft Login Portal. Enter the user Entra ID username and password.
  5. You’re redirected back to dropbox.com and are logged in to that user account.

How to assign Dropbox Business to users

If everything’s set up and your test is successful, it’s time to give your users access to Dropbox teams. Assign Dropbox Business to each user or group that needs to use Dropbox Business.

If you assign Dropbox Business to a user, SSO is enabled, and provisioning is automatic, then:

  • The assigned user is provisioned in Dropbox and they receive an invite to the Dropbox Business team.
  • After they join the team, they can log in using SSO.

To assign Dropbox Business to users or groups, navigate to the Microsoft Entra admin center:

  1. Log in to the Microsoft Entra admin center.
  2. Click Deploy single sign-on to users and groups (recommended).
  3. Open Users and groups.
  4. Assign Dropbox Business access to the users and groups you want to provision.

Users who aren’t assigned Dropbox Business won’t be provisioned automatically and can’t use SSO.

Was this article helpful?

Let us know how why it didn't help:

Thanks for letting us know!

Thanks for your feedback!

Related Articles

Dropbox for Outlook

Dropbox for Windows update: an overview

Expected changes with Dropbox for Windows update

FAQs about Microsoft Office for Dropbox

Other ways to get help

Icon depicting two people
Community
Icon depicting a speech bubble
Contact support
Twitter Icon
Social media support