Determine access authorization for another user?

Answered

Follow

New post

kylerlaird

• May 09, 2017 08:17

I'm just getting started with Box.  I am building a tool that needs to be able to determine if an arbitrary user has access to a folder.  My app is running as me, klaird, but wants to know if another user, rsmith, has access to a folder

 

The only way I see to do this (but have not tested) is to get the collaboration IDs for a folder then step through them, checking accessible_by for the user of interest.  Is that a viable way to do it?  Is there a better way?  I'll be running this on several folders.

 

Thanks.

 

--kyler

0

• 

  Murtza

  • May 09, 2017 12:12

   One way to test this is calling the Get Folder Items endpoint using the As-User header. The As-User header lets you make API calls as a specific user. If you get a 403 error making this API call, the user does not have access to that folder. 

  0

  Comment actions Permalink
• 

  kylerlaird

  • May 09, 2017 13:41

  Thank you, Murtza.

   

  As-user looks like a great solution.  It looks like this will require a Service Account so it will be awhile before I can make use of it.

   

   

  0

  Comment actions Permalink

Please sign in to leave a comment.