looking to use client ID instead of developer token
AnsweredI'm working on a simple application that'll upload a directory to a box account. I've had successful tests creating folders and uploading test documents, but the one thing I'm hung up on is generating a token.
When I look at my app, I'm able to use the generated developer token, but I'd like to use the client id if possible.
I'll admit, I'm pretty new to box and it's API, but I'd like an approach where I can set the credentials instead of having to regenerate them each time. Is this at all possible?
I'm also using PHP to do this. I'm bummed there isn't an official PHP SDK since it's such a regularly used language, but I'm betting that's been discusses on here more than once, and isn't the point of anything of this either.
If anyone has any guidance on how I can achieve a working token without generating one every hour, I'd really appreciate it!
-
hi welcome to the boards!
I'm relatively new here myself and faced the same challenge in an integration I was building. I am by no means an expert but I do know that the only 2 token types you can use with Box are the developer tokens which have a timespan of about 60 mins or so (could be wrong on the timespan but it definitely is not forever and less than 24hrs). The other type of token is a JWT Token (JSON web token). The JWToken is what you would be looking for but generating one is NOT very well documented, at least I had a lot of trouble creating one but I did eventually get it going.
To obtain a JWToken you will need to follow this guide, it doesn't cover all questions you may have but it does have the high-level steps that will lead you towards generating a JWToken that does not expire.
Hope that helps steer you in the right direction!
-
Thanks, that does help. I'm using Box through my university. I've been working on the JWT login and I won't lie, the error messages are less than clear, lol. One issue I'm running into is, in the documentation, it says you have to grant access in the Enterprise Admin Console. That's either something I can't find or don't have access to. I did go back into the app and changed the application access to "Application". but now I'm getting a JTI error message. It definitely seems to be a slow process with lots of trial and error.
-
It definitely is far from a straight forward process that is for sure.
In the dev console you need to of course enable the JWT authentication method and add a publkc key.
On the enterprise console (which you may not have access to) you need to enter your client ID in the application settings under "Unpublished Applications" section assuming you are disallowing published and unpublished apps by default.
Also, would need to authorize a new app in the custom applications setting.
Lastly, you will need to create a user for your app as well.
This is how I have mine setup, there is probably a cleaner way to do this but this works for what I need.
You can find the enterprise settings by going to the 'Admin Console' (assuming you have access to this). and then clicking on the Gear icon on the top right and selecting enterprise settings (assuming you have access to this) and then lastly clicking on the 'Apps' link.
Hope that steers you in the right direction.
-
That turned out to be my bigger issue, I found out I don't have access to the enterprise console. I wound up rewriting it all to use oauth and things are working perfectly. The error messages aren't always very accurate though, after struggling for a couple days to figure out why I was getting an insufficient permissions message on creating a shared link, I realized I was using POST instead of PUT. I guess it's on me for overlooking that tag in the documentation, though the error message really didn't help put me back on the right trail, lol
Please sign in to leave a comment.
Comments
4 comments