Skip to main content
mcpSource-backed

Dropbox Dash MCP Server for Claude

Official Dropbox Dash remote MCP server that lets Claude search connected company content, read documents, resolve source URLs, and inspect Dash knowledge from MCP-capable clients.

by Dropbox · submitted by oktofeesh1·added 2026-06-03·
Review first review before installing

Open the source and read safety notes before installing.

Citation facts

Source-backed facts for citing this resource, derived directly from the registry — also available as plain text for AI assistants.

Source URLs
https://help.dropbox.com/integrations/set-up-MCP-server, https://github.com/dropbox/mcp-server-dash
Safety notes
Dropbox Dash can search across many connected company sources, including cloud documents, collaboration tools, CRM records, support systems, meeting content, and code or project tools. Start with narrow prompts and source filters instead of broad company-wide searches., Treat Dropbox OAuth tokens, app keys, app secrets, and bearer tokens as secrets. Store them in MCP client credential storage or environment variables rather than prompts, checked-in config, screenshots, or shared transcripts., The published remote MCP tools are centered on search, reading, discovery, URL resolution, identity lookup, and read-only source actions, but returned content can still influence generated code, decisions, emails, or tickets. Keep human review on downstream actions., Respect Dropbox team admin controls for app integrations. If a user cannot register or connect an app, do not work around that by sharing another user's token or app credentials.
Privacy notes
Tool results can expose document titles, metadata, preview text, markdown content, visual page renders, binary file content, source names, labels, original URLs, user identity details, and source-specific records visible through Dropbox Dash., Connected sources may include Google Workspace, Microsoft 365, Slack, Gmail, Jira, Confluence, Gong, Zoom, Workday, GitHub, Dropbox, and other internal systems. Returned snippets can contain customer data, credentials, unreleased product details, employee records, sales notes, or support history., MCP client logs, AI transcripts, screenshots, terminal scrollback, and generated artifacts may retain Dash results outside Dropbox's normal audit and retention controls., The optional local MCP server stores Dropbox tokens in the system keyring when available, with a documented fallback token file. Review local machine access, backups, and secret-cleanup policy before using it on shared hosts.
Author
Dropbox
Submitted by
oktofeesh1
Claim status
unclaimed
Last verified
2026-06-03

Decision playbook

Review trust signals before you adopt

Signals are present but mixed. Use the checklist below to confirm the source and operational safety for your environment.

Compare context
Selected

0

Current score

78

Baseline

Delta

No baseline selected

No major trust-signal divergence detected in the current selection.

Source and provenance checks

Complete

Confirm ownership and provenance before trusting install instructions.

  • Source link availableRequired

    Open the canonical repository and verify ownership.

    Done
  • Source provenance statusRequired

    Marked as source-backed.

    Done
  • Metadata reviewed

    Registry metadata indicates a reviewed listing.

    Done

Safety and privacy checks

Complete

Validate risk disclosures before installation or API wiring.

  • Safety notes presentRequired

    Review the listed safety guidance before running commands.

    Done
  • Privacy notes presentRequired

    Review data handling notes before connecting accounts or secrets.

    Done
  • Trust level risk gateRequired

    Trust level does not block evaluation.

    Done

Package and install checks

Needs review

Check package metadata and artifact integrity signals.

  • Install payload available

    Install or copy payload is available for review.

    Done
  • Package verification flag

    No package verification flag provided.

    Pending
  • Checksum metadata

    No checksum provided for downloaded artifact.

    Pending

Compare-driven decision checks

Needs review

Use compare context to validate trade-offs before adoption.

  • Compare tray has multiple entries

    Add at least one more entry to compare trust differences.

    Pending
  • Baseline comparison available

    No baseline peer selected yet.

    Pending
  • Diverging trust signals identified

    No major trust-signal divergence found.

    Pending

Setup at a glance

CLI install

Copy-ready — paste the snippet to get started.

10 minutes

Adoption plan

Balanced adoption plan

Current risk score 16/100. Use staged verification before broader rollout.

Risk 16

Pre-adoption checks

Validate source and review signals before any execution.

  • Confirm source provenanceRequired

    Source URL/provenance metadata is present.

    Done
  • Confirm metadata review state

    Listing has review metadata.

    Done
  • Verify install payload

    Install/config payload exists and can be inspected.

    Done

Security checks

Confirm safety, privacy, and package integrity signals.

  • Review safety notesRequired

    Safety notes are present.

    Done
  • Review privacy notesRequired

    Privacy notes are present.

    Done
  • Verify package integrity metadata

    No package verification/checksum metadata.

    Pending

Rollout

Adopt in controlled steps based on the selected plan.

  • Run in isolated sandbox firstRequired

    Use a constrained sandbox and observe behavior across multiple tasks.

    Pending
  • Roll out graduallyRequired

    Roll out to a small cohort before wider usage.

    Pending
  • Set monitoring and fallback

    Define rollback path and monitor errors after adoption.

    Pending

Evidence readiness

Evidence readiness matrix · balanced

Required evidence gates are covered (5/6 signals complete).

Risk 15

Source provenance

Present

Source repository/provenance is listed.

Required in this preset

Metadata review

Present

Review metadata is present.

Required in this preset

Safety notes

Present

Safety notes are present.

Required in this preset

Privacy notes

Present

Privacy notes are present.

Optional in this preset

Package integrity

Missing

Package integrity metadata is missing.

Optional in this preset

Install payload

Present

Install payload is available.

Required in this preset

Required evidence gates are covered for this preset.

Decision timeline

Decision timeline · balanced

5/6 steps complete with no blocking gaps for this preset.

Risk 14

triage

Confirm source provenanceRequired

Source/provenance metadata is available.

Done

triage

Check metadata review statusRequired

Review metadata is available.

Done

verify

Review safety notesRequired

Safety notes are available.

Done

verify

Review privacy notes

Privacy notes are available.

Done

verify

Validate package integrity metadata

Package integrity metadata is missing.

Pending

rollout

Verify install payload and commandsRequired

Install payload is available.

Done

No required blockers for this timeline preset.

Prerequisite readiness

Prerequisite readiness

5 prerequisites to line up before setup. Have accounts and credentials ready first.

0/5 ready
Account & credentials3Install & runtime1Network & hosting110 minutes

Safety & privacy surface

Safety & privacy surface

4 safety and 4 privacy notes across 5 risk areas. Review closely: credentials & tokens, network access.

5 areas
  • SafetyGeneralDropbox Dash can search across many connected company sources, including cloud documents, collaboration tools, CRM records, support systems, meeting content, and code or project tools. Start with narrow prompts and source filters instead of broad company-wide searches.
  • SafetyCredentials & tokensTreat Dropbox OAuth tokens, app keys, app secrets, and bearer tokens as secrets. Store them in MCP client credential storage or environment variables rather than prompts, checked-in config, screenshots, or shared transcripts.
  • SafetyNetwork accessThe published remote MCP tools are centered on search, reading, discovery, URL resolution, identity lookup, and read-only source actions, but returned content can still influence generated code, decisions, emails, or tickets. Keep human review on downstream actions.
  • SafetyCredentials & tokensRespect Dropbox team admin controls for app integrations. If a user cannot register or connect an app, do not work around that by sharing another user's token or app credentials.
  • PrivacyLocal filesTool results can expose document titles, metadata, preview text, markdown content, visual page renders, binary file content, source names, labels, original URLs, user identity details, and source-specific records visible through Dropbox Dash.
  • PrivacyCredentials & tokensConnected sources may include Google Workspace, Microsoft 365, Slack, Gmail, Jira, Confluence, Gong, Zoom, Workday, GitHub, Dropbox, and other internal systems. Returned snippets can contain customer data, credentials, unreleased product details, employee records, sales notes, or support history.
  • PrivacyExecution & processesMCP client logs, AI transcripts, screenshots, terminal scrollback, and generated artifacts may retain Dash results outside Dropbox's normal audit and retention controls.
  • PrivacyCredentials & tokensThe optional local MCP server stores Dropbox tokens in the system keyring when available, with a documented fallback token file. Review local machine access, backups, and secret-cleanup policy before using it on shared hosts.

Safety notes

  • Dropbox Dash can search across many connected company sources, including cloud documents, collaboration tools, CRM records, support systems, meeting content, and code or project tools. Start with narrow prompts and source filters instead of broad company-wide searches.
  • Treat Dropbox OAuth tokens, app keys, app secrets, and bearer tokens as secrets. Store them in MCP client credential storage or environment variables rather than prompts, checked-in config, screenshots, or shared transcripts.
  • The published remote MCP tools are centered on search, reading, discovery, URL resolution, identity lookup, and read-only source actions, but returned content can still influence generated code, decisions, emails, or tickets. Keep human review on downstream actions.
  • Respect Dropbox team admin controls for app integrations. If a user cannot register or connect an app, do not work around that by sharing another user's token or app credentials.

Privacy notes

  • Tool results can expose document titles, metadata, preview text, markdown content, visual page renders, binary file content, source names, labels, original URLs, user identity details, and source-specific records visible through Dropbox Dash.
  • Connected sources may include Google Workspace, Microsoft 365, Slack, Gmail, Jira, Confluence, Gong, Zoom, Workday, GitHub, Dropbox, and other internal systems. Returned snippets can contain customer data, credentials, unreleased product details, employee records, sales notes, or support history.
  • MCP client logs, AI transcripts, screenshots, terminal scrollback, and generated artifacts may retain Dash results outside Dropbox's normal audit and retention controls.
  • The optional local MCP server stores Dropbox tokens in the system keyring when available, with a documented fallback token file. Review local machine access, backups, and secret-cleanup policy before using it on shared hosts.

Prerequisites

  • Dropbox Dash account with access to the sources Claude should search or read
  • MCP-capable client with remote HTTP MCP support, such as Claude Code, Claude Web/Desktop custom connectors, Cursor, or ChatGPT
  • Dropbox OAuth approval or a Dropbox app access token when using clients that do not support Dynamic Client Registration
  • Dropbox team/admin policy allowing the user to connect Dash to external MCP clients
  • Agreement on which connected sources, document types, labels, and workspaces may be exposed to AI-assisted workflows

Schema details

Install type
cli
Troubleshooting
No
Source repository stats
Scope
Source repo
Collection metadata
Estimated setup
10 minutes
Difficulty
intermediate
Full copyable content
{
  "mcpServers": {
    "Dropbox Dash MCP": {
      "url": "https://mcp.dropbox.com/dash"
    }
  }
}

About this resource

Content

The Dropbox Dash MCP server connects Claude and other MCP-capable clients to Dropbox Dash through Dropbox's managed remote endpoint at https://mcp.dropbox.com/dash. It is built for company knowledge workflows where an assistant needs to search connected sources, read document content, resolve original URLs, inspect available sources, and bring relevant file or workspace context into an active coding, support, sales, or operations task.

Dropbox also publishes a local dropbox/mcp-server-dash repository, but the official help article recommends the remote server because it is easier to use and updated more frequently. This entry therefore treats the remote HTTP server as the primary setup path and the GitHub repository as source context for teams that need a local stdio option.

Features

  • Remote HTTP MCP endpoint at https://mcp.dropbox.com/dash.
  • Dynamic Client Registration support for ChatGPT, Claude Code, Claude Web/Desktop, and Cursor.
  • Company content search with optional filters for file type, source, and source-specific labels.
  • Document metadata and text retrieval by UUID or URI.
  • Markdown document reading with chunked transfer support for larger files.
  • Visual page rendering for PDFs and presentation slides.
  • Binary content reading for images, video, and audio as base64-encoded data.
  • Source discovery, filter examples, current-user identity lookup, and original URL resolution.
  • Read-only source actions for connected systems through Dash's native source integrations.

Use Cases

  • Ask Claude to find the latest spec, brief, or runbook across Dropbox Dash before changing code.
  • Pull a specific document by Dash UUID or original URL and summarize the implementation requirements.
  • Search only approved source types, such as Dropbox, Google Drive, Confluence, GitHub, Jira, Slack, or Microsoft 365, for task-specific context.
  • Read a PDF page or slide image when the exact visual content matters.
  • Resolve a shared document URL to Dash metadata before asking an agent to use it as context.
  • Give support, sales, or operations assistants access to current company knowledge without switching tabs.

Installation

Claude Code

  1. Confirm your Dropbox Dash account can connect MCP clients.
  2. Add the remote MCP server:
claude mcp add --transport http DropboxDashMCP https://mcp.dropbox.com/dash
  1. Complete the Dropbox OAuth or client-specific authentication flow.
  2. Start with a narrow prompt that names the source, file type, label, or URL you want Claude to inspect.

Claude Web/Desktop

  1. Confirm your Claude plan includes custom connectors.
  2. Open Claude settings, then Connectors.
  3. Add a custom connector named Dropbox Dash MCP.
  4. Use https://mcp.dropbox.com/dash as the server URL.
  5. Complete the OAuth flow and test with a non-sensitive document first.

Cursor

  1. Open Cursor settings, then Tools and MCP.
  2. Create a new MCP server using the configuration below.
  3. Authenticate with Dropbox when prompted by the client.

Configuration

{
  "mcpServers": {
    "Dropbox Dash MCP": {
      "url": "https://mcp.dropbox.com/dash"
    }
  }
}

Codex CLI bearer-token setup

For clients that need a bearer token, Dropbox documents a Dropbox app setup flow and a bearer-token environment variable:

export DROPBOX_DASH_MCP_TOKEN="YOUR_DROPBOX_DASH_ACCESS_TOKEN"
codex mcp add dropbox-dash-mcp \
  --url https://mcp.dropbox.com/dash \
  --bearer-token-env-var DROPBOX_DASH_MCP_TOKEN

Examples

Search approved sources

Search Dropbox Dash for the latest onboarding runbook in Confluence or Dropbox only. Return the document title, source, owner, and updated date before summarizing.

Read a specific document

Use Dropbox Dash to read this document URL and summarize only the deployment requirements that affect the current code change.

Resolve a shared URL

Resolve this shared project brief URL through Dropbox Dash, then tell me which source it came from and whether the content appears current.

Inspect a visual page

Read page 3 of the product launch PDF through Dropbox Dash and summarize the visible checklist items without guessing beyond the page image.

Source notes

  • Dropbox's official help article describes the Dropbox Dash remote MCP server as available to Dropbox Dash users and lists https://mcp.dropbox.com/dash as the server location.
  • The help article documents tools for Dash search, document reading, markdown reading, visual page rendering, binary content reading, source discovery, examples, identity lookup, URL resolution, and read-only source actions.
  • Dropbox documents Dynamic Client Registration support for ChatGPT, Claude Code, Claude Web/Desktop, and Cursor, plus bearer-token setup for clients that need a manually created Dropbox app.
  • The Dropbox app setup instructions call for scoped access, Full Dropbox access type, and permissions including account_info.read, dash/content.read, and dash/content.write.
  • The official dropbox/mcp-server-dash repository provides a local stdio MCP server, documents Python 3.10+, uv, Dropbox app setup, OAuth flow tools, company search, file details, token storage, and Apache-2.0 licensing.

Duplicate check

Checked current content/mcp/, content/tools/, guides, skills, agents, open pull requests, and repository-wide content for Dropbox Dash, DropboxDashMCP, dropbox/mcp-server-dash, mcp-server-dash, mcp.dropbox.com/dash, dash_search, dash_read_document, dash_get_sources, cloud storage MCP, file collaboration, company content search, and related generic file/storage MCP entries. Existing Filesystem, Cloudinary, Cloudflare, Plaid, Jira/Confluence, and other source-specific MCP entries do not duplicate Dropbox Dash's cross-source company search and document-reading MCP server. No dedicated Dropbox Dash MCP entry, Dropbox Dash source URL duplicate, or open duplicate PR was found.

Disclosure

Editorial listing. No paid placement or affiliate link is used.

Source citations

Add this badge to your README

Show that Dropbox Dash MCP Server for Claude is listed on HeyClaude. Paste this Markdown into your README — it renders the badge and links back to this page.

Listed on HeyClaude
[![Listed on HeyClaude](https://heyclau.de/badge/mcp/dropbox-dash-mcp-server.svg)](https://heyclau.de/entry/mcp/dropbox-dash-mcp-server)

How it compares

Dropbox Dash MCP Server for Claude side by side with 3 alternatives on trust, install, platform support, and disclosed safety notes — all from reviewed registry metadata.

2 trust signals differ across this comparison (Source provenance, Submitter).

Field

Official Dropbox Dash remote MCP server that lets Claude search connected company content, read documents, resolve source URLs, and inspect Dash knowledge from MCP-capable clients.

Open dossier

Connect Claude to Glean — run company-wide enterprise search and chat with the Glean AI Assistant across your connected workplace apps — with the official MCP server for the Glean platform.

Open dossier

Official AutoRFP.ai remote MCP server for read-only access to RFP projects, requirements, approved content library search, and organisation tags from Claude and other MCP clients via OAuth.

Open dossier

BittleBits hosted MCP server for Generative Engine Optimization with get_score and get_rewrite tools to measure and improve AI search visibility via OAuth.

Open dossier
Next steps
Trust
Review statusReviewedMaintainer reviewedReviewedMaintainer reviewedReviewedMaintainer reviewedReviewedMaintainer reviewed
Package trustPackage not verifiedPackage not verifiedPackage not verifiedPackage not verified
Source provenanceDiffersSource-backedSource-backedSubmission linkedSource submissionSubmission linkedSource submission
SubmitterDiffersoktofeesh1kiannidevkiannidev
Install riskReview firstReview firstReview firstReview first
Notes Safety ✓ Privacy ✓ Safety ✓ Privacy ✓ Safety ✓ Privacy ✓ Safety ✓ Privacy ✓
Brand
Categorymcpmcpmcpmcp
SourceSource-backedSource-backedSource-backedSource-backed
AuthorDropboxGleanAutoRFP.aiBittleBits
Added2026-06-032026-06-172026-06-142026-06-14
Platforms
Harness
Source repo
Safety notesDropbox Dash can search across many connected company sources, including cloud documents, collaboration tools, CRM records, support systems, meeting content, and code or project tools. Start with narrow prompts and source filters instead of broad company-wide searches. Treat Dropbox OAuth tokens, app keys, app secrets, and bearer tokens as secrets. Store them in MCP client credential storage or environment variables rather than prompts, checked-in config, screenshots, or shared transcripts. The published remote MCP tools are centered on search, reading, discovery, URL resolution, identity lookup, and read-only source actions, but returned content can still influence generated code, decisions, emails, or tickets. Keep human review on downstream actions. Respect Dropbox team admin controls for app integrations. If a user cannot register or connect an app, do not work around that by sharing another user's token or app credentials.Glean recommends the remote MCP server integrated directly in Glean; this local server is intended for experimental and testing use. Search and chat run against your connected company data — scope the API token to the right user/permissions.The connection is read-only; it cannot create, edit, or delete AutoRFP.ai records. Each user inherits their own AutoRFP.ai permissions, so MCP results reflect that user's normal app access. OAuth tokens grant persistent read access until revoked in AutoRFP.ai or the MCP client. Do not share OAuth-approved connector sessions across users or paste access tokens into public issues.get_rewrite may replace marketing copy; review output before publishing to production sites. get_score fetches and analyses live page content from URLs you provide. OAuth tokens grant persistent BittleBits access until revoked. Automated rewrites can introduce factual errors; human review is recommended.
Privacy notesTool results can expose document titles, metadata, preview text, markdown content, visual page renders, binary file content, source names, labels, original URLs, user identity details, and source-specific records visible through Dropbox Dash. Connected sources may include Google Workspace, Microsoft 365, Slack, Gmail, Jira, Confluence, Gong, Zoom, Workday, GitHub, Dropbox, and other internal systems. Returned snippets can contain customer data, credentials, unreleased product details, employee records, sales notes, or support history. MCP client logs, AI transcripts, screenshots, terminal scrollback, and generated artifacts may retain Dash results outside Dropbox's normal audit and retention controls. The optional local MCP server stores Dropbox tokens in the system keyring when available, with a documented fallback token file. Review local machine access, backups, and secret-cleanup policy before using it on shared hosts.Search results and Glean Assistant responses surface internal company content into the MCP client context and the model's prompt. GLEAN_API_TOKEN and GLEAN_INSTANCE are secrets — keep them in the client config or environment, never in shared repositories.MCP tool results can expose RFP project names, requirement text, approved answer content, and organisation tag vocabulary. Search queries sent to the content library are processed by AutoRFP.ai under its own data-handling terms. Public support notes should describe connector scope, not full requirement or library excerpts.Page URLs and content sent to get_score are processed by BittleBits for analysis. Rewrite requests may include proprietary marketing text; avoid sending unreleased campaign copy to untrusted sessions. OAuth sessions should not be shared across users or pasted into public support threads.
Prerequisites
  • Dropbox Dash account with access to the sources Claude should search or read
  • MCP-capable client with remote HTTP MCP support, such as Claude Code, Claude Web/Desktop custom connectors, Cursor, or ChatGPT
  • Dropbox OAuth approval or a Dropbox app access token when using clients that do not support Dynamic Client Registration
  • Dropbox team/admin policy allowing the user to connect Dash to external MCP clients
  • A Glean account/instance (GLEAN_INSTANCE) and an API token (GLEAN_API_TOKEN).
  • Node.js (npx) and an MCP client such as Claude Code or Claude Desktop.
  • AutoRFP.ai account with access to the projects and content library you want to query.
  • Claude Pro, Team, or Enterprise plan with Connectors support, or another MCP client with custom remote connectors.
  • Claude organisation admin for the one-time org connector setup in Claude Team/Enterprise environments.
  • Knowledge of your AutoRFP.ai data residency region (APAC, EU, or US) to select the correct MCP endpoint.
  • BittleBits account with OAuth access to GEO scoring and rewrite features.
  • Claude Pro, Team, or Enterprise with Connectors support, or another MCP client with remote HTTP connectors.
  • URLs or page content you are authorised to analyse and rewrite for GEO.
  • Basic understanding of Generative Engine Optimization goals and brand voice guidelines.
Install
claude mcp add --transport http DropboxDashMCP https://mcp.dropbox.com/dash
claude mcp add glean -e GLEAN_API_TOKEN=<your-token> -e GLEAN_INSTANCE=<your-instance> -- npx -y @gleanwork/mcp-server
claude mcp add --transport http autorfp https://api.autorfp.ai/mcp
claude mcp add --transport http bittlebits https://bittlebits.ai/mcp
Config
{
  "mcpServers": {
    "Dropbox Dash MCP": {
      "url": "https://mcp.dropbox.com/dash"
    }
  }
}
{
  "mcpServers": {
    "glean": {
      "command": "npx",
      "args": ["-y", "@gleanwork/mcp-server"],
      "env": {
        "GLEAN_API_TOKEN": "<your-token>",
        "GLEAN_INSTANCE": "<your-instance>"
      }
    }
  }
}
{
  "mcpServers": {
    "autorfp": {
      "url": "https://api.us.autorfp.ai/mcp",
      "type": "http"
    }
  }
}
{
  "mcpServers": {
    "bittlebits": {
      "url": "https://bittlebits.ai/mcp",
      "type": "http"
    }
  }
}
Citations
ClaimUnclaimedUnclaimedUnclaimedUnclaimed
Open 4 picks in the interactive comparison tool

Related guides

Signals

Loading live community signals…

More like this, weekly

A short, calm digest of reviewed Claude resources. Unsubscribe any time.