Welcome to the new Box Support website. Check out all the details here on what’s changed.

Unable to get access token using Box API through CURL (JWT without SDKs)

Answered
New post

Comments

5 comments

  • Official comment
    Kourtney

    Hello, 

    It looks like the app type you selected is "Server Authentication (with JWT)". If you would like to authenticate using the method above, you will need to select "Server Authentication (with client credentials grant)".

    Other than that, your request looks ok, here's a quick screenshot of me demoing this in postman! 

    Best, 

    Kourtney, Box Developer Advocate

    Comment actions Permalink
  • Hari Krishna

    Thank You. Now I am getting access token in response. 

    I am trying to use this Access token following APIS through CURL in Postman not getting the results. But When I am using Developer Token data is coming. Please check anything I missed. Please let me know. Thank You.

    1. Box search API

    Request:
    curl --location --request GET 'https://api.box.com/2.0/search?query=new%20year(american%20football)' \
    --header 'Authorization: Bearer 6zyixHi507bGfg4EXC1cF6GnW2O8o8Pn' \

    Response:
    {
    "total_count": 0,
    "entries": [],
    "limit": 30,
    "offset": 0
    }

    2. Folder Items By folder id Box API

    --header 'Authorization: Bearer 6zyixHi507bGfg4EXC1cF6GnW2O8o8Pn' \

    Response:
    {
    "type": "error",
    "status": 404,
    "code": "not_found",
    "context_info": {
    "errors": [
    {
    "reason": "invalid_parameter",
    "name": "folder",
    "message": "Invalid value 'd_130537091868'. 'folder' with value 'd_130537091868' not found"
    }
    ]
    },
    "message": "Not Found",
    "request_id": "dlccu2gnbendz05h"
    }

    3. Download File by file id Box API

    Request:
    curl --location --request GET 'https://api.box.com/2.0/files/769462745145/content' \
    --header 'Authorization: Bearer 6zyixHi507bGfg4EXC1cF6GnW2O8o8Pn' \
    --header 'Content-Type: application/json' \

    Response:
    {
    "type": "error",
    "status": 404,
    "code": "not_found",
    "message": "Could not find the specified resource",
    "request_id": "snjb9dgnbepx3e9h"
    }
     


    0
    Comment actions Permalink
  • Kourtney

    By default, you're acting as the service account user. You can validate this by making a call to the get current user endpoint. Similar to within the WebApp, you're only going to be able to interact with content that user owns or has collaborator access to. The reason it's working with your developer token is because that token is associated with the user who's logged into the developer console. Therefore, you either need to: 

    1. Collaborate the service account user onto the content you're trying to access 
    2. Obtain an access token for your account

    Assuming you're going with number 2, you'll need to change the box_subject_type to 'user' and box_subject_id to your userID  

    0
    Comment actions Permalink
  • Hari Krishna

    Thank You For your reply.  I am trying with 2nd point.
    When I am using box_subject_type is an enterprise,  box_subject_id I have set enterprise id its working fine.

    I have used this account_id to please check screenhot:

    Request:

    curl --location --request POST 'https://api.box.com/oauth2/token' \

    --header 'content-type: application/x-www-form-urlencoded' \
    --form 'client_id="a1ehvujaorulwg3uypa5dw1bd6y9f2ap"' \
    --form 'client_secret="iwPP7Tfd5RFZlq2Xs34CqTXWICBiZZ07"' \
    --form 'grant_type="client_credentials"' \
    --form 'box_subject_type="user"' \
    --form 'box_subject_id="15076588489"'

    Response:
    {
    "error": "invalid_grant",
    "error_description": "Grant credentials are invalid"
    }

    As per 2nd point  box_subject_type to 'user', Where can I get userID for using box_subject_id. Please let me know. Thank You.

    0
    Comment actions Permalink
  • Hari Krishna

    Hi Kourtney,
    Can you please give me the answer ASAP. Thank You.

    0
    Comment actions Permalink

Please sign in to leave a comment.