Can't force re authentication
Hi, I'm using the Box login endpoint https://account.box.com/api/oauth2/authorize but I can not set a force_reauthentication parameter,the case is that if I want to authenticate with Box and I have a session already open (don't want to authenticate in this session) I can only see the Grant access page, is there a way o parameter that can help me to force a reauthentication?
-
Hi , thanks for reaching out - great question!
There is no "force reauthentication" parameter, but Box also does not store API sessions (defined as a valid access/refresh token pair). If you send someone to the OAuth2 login endpoint, that is already a reauthentication since we wouldn't re-provide an access/refresh token pair from the past.
If you want to retrieve an access/refresh token pair from the past, you will need to cache that on your end. Make sure to follow our security guidelines if you wish to go that route:
https://developer.box.com/v2.0/docs/application-security-guidelines
Hope that helps!
Thanks,
Jason
Please sign in to leave a comment.
Comments
1 comment