How to access files from public app user (no access token)
Hi! I am new to box development and am not sure how to accomplish a task.
I have a folder of images, and I want to fetch certain files by name through my javascript application. However, I want to do this from my app's user standpoint, so anyone using my app would be able to load these files (and not edit or delete them, just retrieve them).
I'm not sure how to do that with the developer API calls-- it seems like all calls require an access token, which I don't want the user to have to deal with.
So far I have been using developer tokens to develop on my side. For the public app, do I need to change my method of authentification? How else could I approach this? Please let me know. Thanks!
-
Hey Isabel,
It sounds like you will indeed want to use JWT as the authentication method. However, you're always going to need an access token in order to access Box content for security reasons. Your code should take care of this and not require any end-user interaction. Your developer token is going to be associated with your account's email address, whereas by default, you'll obtain a token for the app's service account. You can validate which user is associated with your token by calling this endpoint. You'll take the service account's email address (AutomationUser) and add it as a collaborator on the content you want your application to have access to. Since you don't want them to be able to edit/delete, it sounds like you may want to use the preview collaboration level, but I recommend reviewing the chart of options here.
Best,
Kourtney
Box Developer Advocate
Please sign in to leave a comment.
Comments
1 comment