Level up your Box knowledge with brand new learning paths on Box University. Visit training.box.com to get started

Box Status

Custom login form on website

Follow
New post
Patryk

Hello,
I would like to use the API to allow users on my website login to box.com. However, I would like to use my custom form on my website where user can type username and password, click login button and he will be logged in and redirected to box.com site.

Is it possible with the API?

If it is, which endpoint should I use and what should be in the body?

0

Comments

1 comment

Date Votes
  • Peter Christensen

    HI Patryk

    We do not allow this as although your intentions are good, bad actors would be able to utilize this for phising and other types of attacks and general OAuth guidelines suggest to steer well clear of 'password grant' type API. For custom apps access to Box we provide two secure routes. Client side OAuth 2.0 and server side JWT and Client Credentials grant. See this overview of which type of app to use based on your requirements. 

    Best regards,
    Peter Christensen, Platform Solutions Engineer, Box

    0
    Comment actions Permalink

Post is closed for comments.