Configure App Settings for JTW Authentication

New post



  • kendomen

    This is new to me too and I haven't seen docs on it but here's what I tried and it seems to work...


    1.  npm install config

    2.  mkdir config in the working directory

    3.  I copied the generated config.json file to the config directory and renamed it to default.json

    and then I ran this code...


    var BoxSDK = require('box-node-sdk');
    var config = require('config');
    var sdk = new BoxSDK({
        clientID: config.get('boxAppSettings.clientID'),
        clientSecret: config.get('boxAppSettings.clientSecret'),
        appAuth: {
          keyID: config.get('boxAppSettings.appAuth.publicKeyID'),
          privateKey: config.get('boxAppSettings.appAuth.privateKey'),
          passphrase: config.get('boxAppSettings.appAuth.passphrase')
    var adminAPIClient = sdk.getAppAuthClient('enterprise', "******");


    Comment actions Permalink
  • abbaslotia

    What format did you put the private key into your JSON file? (not trying to spoof, just looking for the format)


    e.g. If my private key file looks like this (with line breaks):



    Proc-Type: 4,ENCRYPTED
    DEK-Info: AES-256-CBC,1A1111A11A1A1A1AA11111AA11111A11
    -----END RSA PRIVATE KEY-----


    How do I type that into the value for the privateKey in my app settings json file? Do I need to retain line breaks (is that possible)?

        "boxAppSettings": {
            "clientID": "something",
            "clientSecret": "secretsomething",
            "appAuth": {
                "publicKeyID": "12E4567B",
                "privateKey": "???",
                "passphrase": "password"
        "enterpriseID": "012345",
        "webhooks": {
            "primaryKey": "s0mePr1maryK3y"
    Comment actions Permalink
  • abbaslotia

    Solved my own question.


    1) I clicked the "Generate a Public/Private Keypair" button.

    2) The downloaded JSON file answered my formatting question.

    Comment actions Permalink
  • benjamin1983

    What did you do with the string? i.e. What did you do to create the pem file, and did you use openssl (using your passphrase) to decrypt it for use in your app?


    I generated my own, then decrypted all on openssl, but I'd like to try with the auto generated key pair that Box provides.


    Thanks in advance!

    Comment actions Permalink
  • davidswalkabout gives a similar example:

    var serviceAccountClient = sdk.getAppAuthClient('enterprise', 'APP_ENTERPRISE_ID');

    Where does one find one's 'APP_ENTERPRISE_ID' ? There is a "enterpriseID" property in the json file I pass into the Node SDK constructor; is that it?

    Comment actions Permalink

Please sign in to leave a comment.