Welcome to the new Box Support website. Check out all the details here on what’s changed.

Custom login form on website

New post

Comments

1 comment

  • Peter Christensen

    HI Patryk

    We do not allow this as although your intentions are good, bad actors would be able to utilize this for phising and other types of attacks and general OAuth guidelines suggest to steer well clear of 'password grant' type API. For custom apps access to Box we provide two secure routes. Client side OAuth 2.0 and server side JWT and Client Credentials grant. See this overview of which type of app to use based on your requirements. 

    Best regards,
    Peter Christensen, Platform Solutions Engineer, Box

    0
    Comment actions Permalink

Post is closed for comments.