Welcome to the new Box Support website. Check out all the details here on what’s changed.

Box Status

How to Download/Upload files via BOX API without user physically granting access via the browser

Answered
Follow
New post
daijunglee

Hi,

 

I am trying to automatically download/upload files from/to BOX via the API using a PowerShell script.

 

I have followed the following guide (https://developer.box.com/docs/getting-started-box-platform) and I am struggling to find a way to grant access without user clicking on the browser.

 

I have looked into the following discussion (https://community.box.com/t5/Box-Developer-Forum/Re-How-I-can-connect-to-OAuth2-from-server-side-script-without/m-p/1980#M171) and it seems like it is not possible without interacting with the browser.

 

I am looking into the Authentication with JWT. This seems promising, but I am not 100% sure. Is this the official way of doing this kind of task? 

 

Thanks, 
Daniel

0

Comments

2 comments

Date Votes
  • Jason

    Hi ! 

     

    Great find on seeing those other pages. You're on the right track - Authentication with JWT is the recommended way to go if you don't want users to have to interact with the browser in Standard OAuth2.

     

    I wrote up a more detailed explanation in another post here:

    https://community.box.com/t5/Box-Developer-Forum/Simple-use-case/m-p/45256#M3276

     

    And here's the bit thats more relevant to how Box controls "granting access" to applications.

     

    On Box, there always has to be some sort of authorization for an app to act on a user's account. If there is user interaction (Standard Authentication), the user explicitly grants access. If there's not user interaction, the administrator of the user's enterprise must authorize the application via their admin console, which then allows access to that enterprise's users. That's Server Authentication, which is described more in detail here:

    https://developer.box.com/v2.0/docs/authentication-with-jwt

     

    And you can see more of a comparison between the two here:

    https://developer.box.com/v2.0/docs/authentication

     

    And of course in order to get at the uploads/downloads, you have to have an access token first, which is where the different processes for "granting access" come in. Hope that helps!

     

    Thanks,

    Jason

    0
    Comment actions Permalink
  • daijunglee

    Thank you  for the detail explanation! Greatly appreciate it! This seems to make sense and clear up my confusion!

    0
    Comment actions Permalink

Please sign in to leave a comment.