Welcome to the new Box Support website. Check out all the details here on what’s changed.

Box UI Kit vs generated Expiring Embed Url

New post

Comments

5 comments

  • vmaker

    Thanks for your question!

     

    The UI kit uses access tokens to fetch content from Box, so in order for the preview to load, the token must be valid. Most of our tokens today expire within 60 minutes. Please refer to the "Token Exchange" portion of this document  that explains how you can generate downscoped tokens. Once you have generated a downscoped token, you can pass that to the UI kits which should provide the same level of security and access that the expiring embed does.

     

    0
    Comment actions Permalink
  • morrowtfpx

    I'm already generating a token on the server side, through the Python SDK in this case.  I generate a token and pass it, as well as the file GUID, to the client.  The client then makes the request to obtain a viewer through the Box Preview JS client.  My original process was to create an embed url link on the server side and pass that to the client.  Unfortunately this has severe limitations since it must be used in an iframe.  Is the token generated from my server side Box Session not useable for the client side viewer?

    0
    Comment actions Permalink
  • morrowtfpx

    What's odd is that, even though the viewer displays a message "We're sorry the preview didn't load.  Please refresh the page", there is a download link just below this text, and that link works fine - it is only the preview that is breaking.  The JSON response to the viewer request for the document is also successful.   

     

    boxpreviewCapture.PNG

    0
    Comment actions Permalink
  • vmaker

    That does sound odd. Would you mind submitting a case so we can help you investigate this?

    0
    Comment actions Permalink
  • morrowtfpx

    I made a support case for this last week, but I have not heard back yet.

    0
    Comment actions Permalink

Please sign in to leave a comment.