How to manage team security in Dropbox Dash

Updated May 06, 2025
person icon

The information in this article applies to Dash admins on team accounts.

As an admin, you can monitor and configure security settings to control how members access Dropbox Dash. This article outlines the steps necessary to configure security settings to control how members access Dash, including:

  • Filtering, viewing, and downloading account activity
  • Enabling single sign-on (SSO) to configure access settings
  • Choosing which email domains users can use to log in to Dash
  • Verifying ownership and getting insights on your company domain
  • Enabling public sharing of stacks

How to view account activity

You can monitor team activity directly from the admin console. In the Security section, you can filter, view, and download information about team member activities and membership details. You can also get a comprehensive view of your team's overall activities, generate stack reports, and explore other reporting tools. Learn how to view Dash team activity.

How to enable single sign-on (SSO) access

You can enable SSO in your Dropbox Dash account so your team members can log in using their company usernames and passwords. 

warning icon

Important: Before enabling SSO, make sure all added apps are fully synced. You can check the sync status on the Apps page in the Admin console.

  1. Log in to dash.ai using your admin credentials.
  2. Click Admin console in the left sidebar.
  3. Under Products, click the arrow to expand the Dash menu options.
  4. Click Settings.
  5. In the Security section, click Open next to Enable SSO access.
  6. Toggle the Single sign-on setting from Off to either Optional or Required.
    • If you choose Required, team members must log in to Dropbox using SSO, and their Dropbox password will no longer work. However, admins can still use their Dropbox admin credentials to log in.
    • If you choose Optional, your team can log in to Dropbox using SSO or their Dropbox password.
  7. Click Add sign-in URL and enter the URL you noted.
    •  Optional: You can click Add sign-out URL to add a sign-out URL.
  8. Click Upload certificate to upload the X.509 certificate .pem file you downloaded earlier.
  9. Click Save.
highlighter icon

Notes

  • After SSO is activated, share the instructions with your team. 
    •  If you chose to require single-sign on, Dropbox will notify team members by email.
    • If you made single-sign on optional, you’ll need to notify the team yourself.
  • Note that all devices linked to Dropbox accounts will continue functioning as before. Admins will no longer be able to reset passwords through Dropbox or enforce two-step verification because the identity provider now handles password management and access security.
  • For sensitive data, we recommend using company-managed apps, which require admin-managed credentials. Additionally, enabling single sign-on (SSO) and domain verification provides extra layers of security to protect your organization. Learn how to enable SSO and domain verification for your team.

How to enable domain verification

  1. Log in to dropbox.com with your admin credentials.
  2. Click Admin console in the left sidebar.
  3. Click the arrow to expand the Dash menu options.
  4. Click Settings.
  5. In the Security section, click Open next to the Domain verification.
  6. Click Add domain.
  7. Enter the organization domain you'd like to verify ownership of.
  8. Select one of the three verification methods:
    • Add a meta tag
    • Upload an HTML file
    • Create a TXT record
  9. Follow the instructions on the screen—once you've completed the verification, you'll receive an email notifying you that your domain ownership was successful.

How to add domains to your allowlist for app authentication

Admins can specify which email address domains members can use to log in to apps. This ensures that only approved or trusted domains can be used, reducing potential security and compliance risks.

  1. Log in to dropbox.com with your admin credentials.
  2. Click Admin console in the left sidebar.
  3. Click the arrow to expand the Dash menu options.
  4. Click Settings.
  5. In the Security section, click Change next to the Allowlist domains for app authentication.
  6. Type the email domain, and then click add Add
    • Note: You must include the “@” symbol and extension. For example, type “@domain.com”.
  7. Click Done.
highlighter icon

Note: Allowlist domains for app authentication only works with these apps: Asana, Gmail, Google Calendar, Lucid, and Smartsheet

How to enable public sharing of stacks

  1. Log in to dropbox.com with your admin credentials.
  2. Click Admin console in the left sidebar.
  3. Click the arrow to expand the Dash menu options.
  4. Click Settings.
  5. Toggle on Public sharing of stacks in the Content section.
Was this article helpful?

Let us know how why it didn't help:

Thanks for letting us know!

Thanks for your feedback!

Related Articles

Change admin rights

Admins

If you're the team admin of a Dropbox team account, you can make other team members admins, too. Find out how here.

View article

Customize Dropbox team security settings

Admins

Keeping your organization's information safe is our top priority. Learn more about how to customize security to meet your business needs.

View article

Data classification

Admins

Learn how to enable automatic data classification for Dropbox. Protect information in team folders and receive data loss prevention (DLP) alerts.

View article

Dropbox Paper: admin settings for Dropbox teams

Admins

Effortlessly create, share, and keep your team on the same page with the added benefit of admin controls to protect your business. Learn more here.

View article

Other ways to get help

Icon depicting two people
Community
Twitter Icon
X
Icon depicting a speech bubble
Contact support