Welcome to the new Box Support website. Check out all the details here on what’s changed.

Comments

4 comments

  • LoCortes

    Good morning ,

     

    I think that I have not understood completely your question.

     

    Let me see if my assumptions are correct:

    - You have created some APP on the developer console that integrated to BOX.

    - You have passed the information about that application to a developer that is trying to develop some specific code.

    - The developer is not capable of authenticate because, you suspect, that he is indicating a bad client id or secret key

     

    Are those assumptions correct? 

     

    If they are correct, I think you can not validate the values because you can not login and you can not use the API. Nevertheless, I think that even in the case that they are correct and you are using the API there is no method for doing that.

     

    If on the contrary, you want to validate with a script simply that the client id and the secret key are valid I do not think that there is a way. At least I do not know nothing about something like that.

     

    Thanks

    0
    Comment actions Permalink
  • Box Product Support

     Good morning LoCortes,

     

    Thanks for your reply,but i wish to explain my problem in a better way.

    I have created an app by registering myself at box and obtained the client id and client secret key.

     

    Now i have an interface that requests for client id and secret key in my app.

    entries are through textboxes.

    Now I want to verify if the entries made in textboxes are similar to the client id and secret key that is given by Box.

    if true i need to be redirected to the login page else a pop up need to occur that a wrong details have been entered.

    One point I wish to add is that the client id and secret key given by the Box are not stored anywhere(example-file etc);

    0
    Comment actions Permalink
  • LoCortes

    Hello ,

     

    the only details I have noticed are the following ones:

     

    - client Id and secret keys are 32 character length

    - client Id contains always lower case letters and numbers

    - secret keys contain always lower and upper case letters and numbers

     

    I do not know if they are randomly generated or how BOX generates them. So, unless somebody else can explain us how they are generated and see if there is a specific pattern, I think that the only thing that can be done is check that the string fits to that rules (length and type of characters).

     

    I am sorry to not have any better solution for that 🙂

     

    Regards

    0
    Comment actions Permalink
  • Box Product Support

    Thanks for the reply

     

    I have the below 3 lines of code which would generate a client object

     

    var config = new BoxConfig(BoxClientId, BoxSecret, new Uri("http://localhost"));
    var session = new OAuthSession(access_token, refresh_token, 3600, "bearer");
    client = new BoxClient(config, session);

     

    this code does not throw any exception even if wrong client id and secret key are passed as parameters to the BoxConfig constructer and client object is generated

     

    I even tried the following code

     

    OAuthToken newToken;

    TokenProvider tokenProvider = new TokenProvider(BoxClientId, BoxSecret);
    newToken = tokenProvider.RefreshAccessToken(refresh_token);

     

    even this code runs fine for me as it does not throw any Exception when wrong client id and secret key are passed as parameters to the TokenProvider constructer.

      

    So can you please suggest me a box api class that would throw an exception if wrong client id and secret key are passed as parameters.

    This would help me in catching the exception and display a message that wrong credentials have been passed.

    It would also be fine if Box return any statuscode when an invalid client error occurs which i can use to validate the client id and secrety key

     

    can you please help me figure it out

    0
    Comment actions Permalink

Please sign in to leave a comment.