Goal: To allow anonymous uploads from a public web front-end to box.com.
Requirements: A whitelabel experience, ie. no box.com branded Upload Widget.
How can I do this securely?
From my research so far I will need to have a microservice for creating Downscope Token with for the front-end, allowing only `item_upload` scope to a yet-to-be-created resource_id?
Is this a good route to go, am I missing a clearer solution to my problem?
Please sign in to leave a comment.