Typically, clicking the login link will redirect the user to a dropbox page which contains some application information, publisher, and a confirm/deny dialog which will authorize the application. This is ideal. After logging out Dropbox (from the implementing app, not Dropbox), subsequent login requests seem to skip this confirm/deny option, instead immediately signing in the user.
I say "seem to" because occasionally it will prompt as usual. I'd prefer to always prompt. Is there a way to do this without logging out from the Dropbox website?
Yes, set the force_reapprove=true URL parameter on the OAuth 2 /authorize URL and Dropbox will always require explicit re-authorization, even when it would otherwise skip it (e.g., like it would in some cases where the user already authorized the app).
This can be found in the documentation for /oauth2/authorize here:
https://www.dropbox.com/developers/documentation/http/documentation#oauth2-authorize