How to use Policies in Dropbox Dash

Q: Why don’t I see any policy matches?

You’ll only see policy matches when all the requirements are met. Policies trigger alerts or automations only after every condition is satisfied.

Q: Can I change when the policy runs?

Policies run automatically once per day at 8:00 UTC and can’t be modified.

Q: Can I stop or undo fixes once they start?

Actions already queued will complete and appear in Action history. They can’t be stopped or undone.Note: If an item only has inherited links or inherited collaborators, no policy actions are taken and the item won’t appear in Action history.

Q: Can I edit or delete an action that already ran?

Actions are permanently logged in Action history for visibility and auditing and can’t be modified. Only direct access changes made by a policy are logged. Inherited permissions are skipped and can’t be seen in Action history.

Q: Can I get alerts through Slack?

Currently, alerts are only sent through email.

Admins Updated Mar 04, 2026

How to use Policies

There are two ways to use policies after you’ve set up your requirements:

Send an alert: Sends admins an email every 24 hours at 8:00 UTC that summarizes matching policies that need manual review.
Automatically fix it: Performs automatic fixes daily on matching items at 8:00 UTC, with changes logged in Action history.
- Depending on the size of your organization, automatic fixes can take a few hours to complete.

How Policies handle inherited permissions

When policies run automatic fixes, they only evaluate and act on items with directly added access. Items with inherited permissions are skipped and aren’t actioned on. “Inherited” means access granted from a parent folder rather than directly on the file or folder itself.

This only applies to automations run via a policy. Since no fix is applied, these items won’t be logged in Action history. This aligns collaborator behavior with the previously documented handling of inherited links.

Learn more about inherited permissions.

How to access Policies

Log in to dash.ai using your admin credentials.
Click your avatar (profile picture or initials) in the bottom-left corner.
Select Admin console from the dropdown menu. The Admin console opens with the Dash section already expanded, and you'll see Settings under Products → Dash.
Click Policies under the Dash section in the left sidebar.

Log in to dropbox.com using your admin credentials.
Click Admin console in the left sidebar.
Click Dash under the Products section to expand it.
Click Policies.

How to manage policy requirements

There are 14 policy cards that can be edited and customized.

Click Set up on an inactive policy card or the gear icon on an active policy card.
Give your policy a unique name.
Click Edit mode.
Set all the applicable filters.
Click Save and close.
Select if you want to Send an alert or Automatically fix it.
Type CONFIRM.
Click Activate on an inactive policy card or Update on an active policy card.

Note: The Accounts and Owner filters are currently hidden on the Policies page.

You can also edit an existing policy while reviewing the policy matches. Use the filters in the left side panel to preview what the matches will look like with the changes.

Be sure to click Edit when you’re ready to make changes and Save and close when you’re done.

Notes:

Policies must have unique filter selections.
If you update an existing policy, the policy matches will stay in the queue, and the next run at 8:00 UTC will reflect the changes.

What automatic fixes are available

Each policy card has a set automatic fix and can’t be changed.

Number of cards	Action
1	Remove collaborator: All external accounts
3	Remove link type: Public
3	Remove link type: Company
3	Remove collaborator: All outside accounts
4	Remove collaborator: All personal accounts

Tip: You can see the automatic fixes in Action history. To see only automatic fixes, enter “policy-automation” in the Actor filter. You can refine your results by adding additional filters.

How Alerts work

Every 24 hours at 8:00 UTC, an email summarizing policy matches that need manual review is sent to admins. The email also has a link to review the matches, and identifies who created the alert.

Notes:

Alerts are transactional emails that can’t be unsubscribed from.
Only admins will receive these emails. Learn more about how to add or change an admin.

How to review and take action on policy matches

You can view policy matches by clicking View matches in the alert email or the matches on the policy card. From there, you can manually take action on the matches individually or in bulk.

Select the matches you want to action on.
Click the action you want to take:
- Add link type
- Remove link type
- Add collaborator
- Remove collaborator
- Stop sharing
- Delete
If applicable, select the action or enter the collaborator.
Type CONFIRM.
Click the action button.

How to deactivate a policy

Click the gear icon on an active policy card.
Scroll to the bottom of the policy card.
Type CONFIRM.
Click Deactivate in the bottom left of the policy card.
Then click Deactivate again in the pop-up.

Note: When a policy is deactivated, alerting and automatic fixes will continue until the start of the next cycle at 8:00 UTC. Policy matches will stay in the queue after deactivation.