Best way to create user provisioning and de-provisioning solution
Hello people,
I work in a company that uses Box and I wanted to automate user provisioning in Box through its API. The idea is to have a piece of software that receives new and suspended users from another system and then talks to Box API to create and suspend users automatically. I saw that the API and SDKs have a lot of ways of doing that and that seems fine, however, my doubt is more related to how would this App authenticate to the system? I thought about having a "super user" account that could create and remove users and also move their data. However, all oauth2 examples that I found are more related to the use case where your App has a direct interaction with an user (https://docs.box.com/docs/getting-started-box-integration), even in the "Provisioning and Deprovisioning" example in the docs.
Please let me know the best practive for Box in that case.
Thanks for your time and help.
BR,
-
Kept looking and found this (https://docs.box.com/docs/service-account), looks like the way to go 🙂
Will keep looking and post here my findings, if I happen to find something interesting.
-
Yes, service account is the way to go. We also utilize similar feature for User deprovisioning. Created one app from Box Dev console logging in with the service account which has admin auth over box. Needs As-User functionality for the app. As soon as you get that, your service account should be able to process user.
Please sign in to leave a comment.
Comments
2 comments