Stuck at Constructing the JWT Assertion
So I have gone through steps 1 through 3 listed here in setting up my application. I am now going through the process of creating a JWT. I understand the header, however, I am confused as to the "sub" field in the payload of the JWT. The documentation says the "sub" field is either of the following
- enterprise_id for a token specific to an enterprise when creating and managing app users.
- app user_id for a token specific to an individual app user.
How can I get an "app user_id" if I have not yet created an App User? That step is #8 and has not taken place yet?
-
Here's the process to create an App User using JWT authentication and then generate an access token for that App User:
- Generate an enterprise access token using JWT authentication. For the sub field, specify your enterprise id as the value. Your enterprise id is available on this page.
- Create an App User using this endpoint. Use the enterprise access token from step 1 to authenticate.
- Generate an App User access token using JWT authentication. For the sub field, specify the id for the App User you created in step 2 as the value.
-
Thanks for the reply! I see now how to generate the App User access token. How does this get me to where I can access a Box.com users files? At some point, I would need an access token specific to a Box.com user's account so I could read/write files to their account. My application is a service that runs nightly so there is no end user involvement.
Please sign in to leave a comment.
Comments
2 comments