Welcome to the new Box Support website. Check out all the details here on what’s changed.

Comments

6 comments

  • mschwartz

    Thanks for your question. 

     

    A Service Account is a user-based representation of an application within a Box enterprise. You can think of this as a privileged Box user account. Each Service Account has a different set of permissions granted by the Enterprise Admin when he or she authorizes the application.

     

    App Auth is an authentication method (also known as OAuth 2.0 with JWT) that allows an application's Service Account to authenticate directly to Box's servers. It replaces the first leg of the a standard 3-legged OAuth process.

     

    App Users are specially-licensed Box accounts that can only access Box's content services via the API. They allow you to "white-label" Box functionality in your app since they are effectively Box accounts that map directly to users in your app. Using the App Auth process, your application can create an manage these Box accounts. App Users also do not go through a standard Box authentication flow since the application authenticates on their behalf. This means that your users do not ever directly interact with Box (and likely do not know that Box is behind the scenes) and also means that they cannot log into the Box products, like our web application or iOS and Android apps.

     

    Whenever you create an application via our developer console, your application receives a Service Account. Using the App Auth process, the Service Account authenticates directly to Box's servers. From there, the Service Account can access Box's content services via the API calls using an Enteprrise Access token, or can create App Users and make API calls using the App User Token.  

     

    I hope this helps! You can read more about Authentication Models and Account Types in our developer documentation. 

    0
    Comment actions Permalink
  • akubatoor

    Thanks for your response. Who will setup the Service Account and App Users. Will that be done by the Admins or the developer of the application needs to do that ?

    0
    Comment actions Permalink
  • mschwartz

    Great question. The Service Account is created when a new app is created in the Box Developer Console. App Users are then created via the API. Both are typically done by the developer.

    0
    Comment actions Permalink
  • akubatoor

    Thanks again for a quick response. So in my case to use a java application to upload files to Box, do I need both service account and an app user account ?

    0
    Comment actions Permalink
  • Murtza

     To better advise you, we need a little bit more information about your use case. Are you trying to upload these files to a specific Box user's account or do you need a place to store files for an application?

    0
    Comment actions Permalink
  • akubatoor

     I'm trying to develop a Java application which will run on AWS and upload the Files to Box.com account securely. It is just a batch process looking for File storage and not behalf of any end user. These are some Tax Files that I'm uploading from my application. Then I also need to provide access to external third party accountants to securely download those Files on their machine.

    0
    Comment actions Permalink

Please sign in to leave a comment.