I was looking at making a web application (will host on own servers) for other Box users and enterprises, not my own.
For regular users, the OAuth process is straight forward, with me creating the Box Application under my account, then using its client ID and secret to request access to a users account, allthough I can only seem to choose between "Read Only" and "Full File" access, I guess thats part of the reason for businesses to get proper enterprise accounts.
But I am not clear on what is the intended processes for enterprise customers. I can set up an application on my account (at https://app.box.com/developers/services/ as described by https://docs.box.com/docs/app-auth ) with a keypair, my webhooks, branding, etc., but I am not clear on the process to then request access to an enterprise customers account.
The document I found, https://docs.box.com/v2.0/docs/app-users, seems to be geared for me to create an app user for my own account, not someone elses, and immediately goes into complex steps that do not seem suitable for most customers.
Is the indended process that I get a customer admin to go the OAuth route like for normal users, requesting the "Manage app users" permission, then do the https://docs.box.com/v2.0/docs/app-users steps and discard that first OAuth token? The permission seems a lot wider than what many people may wish to grant my app, as it appears to be pretty much total access to their enterprise account?
Please sign in to leave a comment.