---
locale: "en"
updated_at: "2025-10-27T22:49:26.521Z"
canonical: "https://www.isdecisions.com/en/userlock/docs/guides/sso/configure-the-applications/dropbox"
---

# Enable Single Sign-On to Dropbox with UserLock

Set up Dropbox SSO using UserLock as IdP.

## Introduction

This guide explains how to integrate **Dropbox** with **UserLock Single Sign-On (SSO)** using the SAML 2.0 protocol.

Once configured, Dropbox logins are authenticated by UserLock. This provides users with a seamless sign-in experience and allows administrators to enforce UserLock [access policies](/userlock/docs/reference/core-concepts/access-policies) (MFA, time, machine, or location restrictions) on SSO sessions.

🚩 **Before starting:**

- You need a **Dropbox Business account**.
- **UserLock SSO** must already be [installed and configured](/userlock/docs/guides/sso/install-configure-sso).

## Step 1. Enable Dropbox in UserLock SSO

1. In the **UserLock console**, go to ⚙** Server settings ▸ Single Sign-On**.
2. In the application list, select **Dropbox**.
3. When prompted, enter the **Email domain** to be used for user logins.
4. Save the profile.

![](https://a.storyblok.com/f/122374/575x788/8a635a20b5/dropbox-settings.PNG)

## Step 2. Configure Dropbox for Single Sign-On

1. Sign in to **Dropbox Admin Console** with an administrator account.
2. Go to** **⚙**Server settings ▸ Single Sign-On**.
3. Complete the form with the following values:
  | Settings | Values |
  | --- | --- |
  | Single sign-on | - **Optional** (recommended for testing) - or **Required** (once confirmed). |
  | Identity Provider Login URL | `https://sso.contoso.com` |
  | Identity Provider Logout URL (optional) | `https://sso.contoso.com/connect/endsession` |
  | X.509 certificate | 1. Go to *UserLock console▸ *⚙ *Server Settings▸ Single Sign-On* 2. Click on *Download  ▸ SAML certificate*. 3. Upload the downloaded file |

> **Note**
>
> ⚠️ By default, the authentication mode is set to **Optional**. Do not switch to **Required** until SSO has been tested and confirmed working.

## Cancel SSO in Dropbox

To cancel SSO and revert to standard logins:

- Set the **Single sign-on** drop-down list value to **Off**.

> **Note**
>
> 💡 Even if the authentication mode is set to **Required**, administrators can still log in with their email address and password.

## Troubleshooting

For common issues, see [Troubleshooting SSO](/userlock/docs/support/troubleshooting/sso-issues).
If the problem persists, please contact [IS Decisions Support](/support).

## Next steps

You can extend the security of SSO sessions by applying UserLock access policies in addition to authentication.

- [Apply MFA on SaaS connections](/userlock/docs/guides/mfa-implementation/mfa-for-sso) to require stronger authentication.
- [Hour restrictions](/userlock/docs/reference/access-policies/time-restriction): define when users are allowed to connect.
- [Geolocation rules](/userlock/docs/reference/access-policies/geolocation): enforce access policies based on user location.
- [Session limits](/userlock/docs/reference/access-policies/session-limit): allow or deny SaaS logins entirely for specific users.
