QUESTION: Best Practice - Managing App Users
Answered
Hi,
What would you recommend is the best practice for managing app users:
A) Create once, store the app user ID in config, reuse for the lifetime of the application?
B) Create a new app user for every session of work and delete it at the end of the session?
The tutorial (https://docs.box.com/v2.0/docs/app-users) shows how to get an admin token, create a new app user, use it to do my work, and then deletes the app user. Under regular app use, would I create the app user once and then store the app user ID in my config to be reused for the lifetime of my application? Or is it best practice to create a user just for the duration of my session, and create a new user every time the application runs?
I'm using OAuth 2 with JWT for my app that interacts with Box using the C# (.NET Core) SDK.
Thanks!
- Abbas
-
Hello,
I would say that depends on your use case but I haven't even thought about that usage of creation and destruction of app-users per session. If that suits your use case can be a good approach but you will loose traceability of who creates the documents.
Which will be the actions to be used by those users? upload documents or download them? because to download documents, those APPUSERS will have to have access to the specific folders where the documents are... So, you will have to create them, add them as collaborators on folders, download documents...
I do not know if is an agile approach.
Thanks
Please sign in to leave a comment.
Comments
3 comments