Level up your Box knowledge with brand new learning paths on Box University. Visit training.box.com to get started

Box Status

Add Collaboration to a folder using AppUser user token

Follow
New post
kobymiz

Hello,

I am building an integration between my organziation backend systems and BOX.

 

One of the scenarion is that when certain event is happening inside my organization there is a need to create a folder in BOX and add collaboration objects to that folder (connect groups to the folder).

 

I have no problem to create the folder but when trying to create the collaboration I am getting the following error: Box.V2.Exceptions.BoxException: Bearer realm="Service", error="insufficient_scope", error_description="The request requires higher privileges than provided by the access token."

 

I am using BOX SDK for .Net to interact with BOX.

 

The application I created in BOX is assigned to use AppUser User Type and I provided all the scopes that BOX allows me (All scopes except "Manage enterprise" which is disabled).

 

The code that fails is (C#):

 

var privateKey = File.ReadAllText(Settings.JwtPrivateKeyFile);

var boxConfig = new BoxConfig(Settings.ClientID, Settings.ClientSecret, Settings.EnterpriseID, privateKey, Settings.JwtPrivateKeyPassword, Settings.JwtPublicKeyID);

var jwt = BoxJWTAuth(boxConfig);

var token = jwt.AdminToken();
var client = jwt.AdminClient(token);

 

var addRequest = new BoxCollaborationRequest(){
Item = new BoxRequestEntity() {
Id = folderId,
Type = BoxType.folder
},
AccessibleBy = new BoxCollaborationUserRequest(){
Type = BoxType.@group,
Id = groupId
},
Role = role
};

var api = client.CollaborationsManager;

var task = api.AddCollaborationAsync(addRequest);
task.Wait();

 

When running this code but replacing the Admin Token with Developer Token generated from the Box Applicaiton Edit Page it works.

 

Any help is appreciated

 

Thanks,

Koby

0

Comments

1 comment

Date Votes
  • alexmlee

    I am going to open a ticket and a new post as well, but we are also encountering this same error.

     

    We are working on a Rails App and are trying to use the Boxr SDK

    https://github.com/cburnette/boxr

     

    We've tried hitting it with the "admin" enterpirse access_token and this is when we get the scope error.

     

    Like the original poster, we have the Manage Users, Manage Groups, and Manage Enterprise Properties boxes checked (not Manage Enterprise or Manage retention policies)

     

    Here is our code that fails:

     

    client.add_collaboration(, { type: "user", id: ENV['BOX_ADMIN_APP_USER_ID']}, 'owner')

    Boxr::BoxrError: 403: Bearer realm="Service", error="insufficient_scope", error_description="The request requires higher privileges than provided by the access token."

    from .rvm/gems/ruby-2.2.2/gems/boxr-1.2.0/lib/boxr/client.rb:239:in `check_response_status’

     

    Please let us know if there is a solution.

    0
    Comment actions Permalink

Please sign in to leave a comment.