App Token Authentication

New post



  • LoCortes

    Good morning everybody,


    finally, I answer myself. After contacting box official support we have discovered several things:


    1. The problem came due to the enterprise configuration done to the repository. As the "no creation at root level allowed" option was enabled everytime I tried to create a document a 403 error was raised.
    2. To solve the first step issue, was needed to add the Service Account associated to the application to any other folder to act as the place to create documents. But, alas! that is easier said than done as there is no way to retrieve the Service Account user for a non-box-employee user. That user can not be retrieved from the Admin console, the developer console or even the API. Why? Because this type of application has the scopes limited to "upload_content", "item_preview" and "item_delete". So if you try to retrieve the current user information it fails.
    3. I needed to recieve, from BOX support, the ID of the Service Account user. Once I had that ID I was able to retrieve the mail with the method${"USER_ID"}. With that I retrieved the account (***email address removed for privacy***).
    4. With the account mail retrieved on the third step, finally, I could add the user on a folder as co-owner that would fit my purposes.
    5. Using the ID of the folder and the API, finally I was able to upload and retrieve documents with that application.

    I hope this helps somebody.



    Comment actions Permalink
  • Murtza

     Thanks for updating the thread with this information!

    Comment actions Permalink

Please sign in to leave a comment.