Level up your Box knowledge with brand new learning paths on Box University. Visit training.box.com to get started

Box as a central storage

Answered
New post

Comments

7 comments

  • Kourtney

    Hello, 

     

    Thanks so much for using our platform and development forum! 

     

    The use case you're describing is definitely feasible!  To clarify, are you planning on creating an app user for each person? Why I ask is that I don't want you to run into issues with rate limits and everything going through one service account. We have two to keep in mind: 10 API calls per second per user and 4 uploads per second per user.

     

    Best, 

    Kourtney

    0
    Comment actions Permalink
  • krishna-nagaraj

    Thanks for your reply.

     

    Let me clarify my scenario. There will be one admin user, who would want to have access to all files in the account and not just via the API. So he should be able to login in box.com and graphically view and manage the files. 

    When I asked the question earlier, I was confused. I thought for all the app users (here app users refers to users of my health monitoring app), I would give access and refresh token of the "Admin User".  Question 1) I think this is not feasible right?

     

    So, after your answer I got to know about one more possibility, that I could create app users for each user of my app.

    Now, Question 2) for this architecture where one admin user with a proper box login, and multiple "app-users", can you help me find API examples or some docs. I am confused how to do that.

     

    Thanks a lot!

    0
    Comment actions Permalink
  • krishna-nag

    I am having much confusion. There is a folder in the admin account. Now how do I add files to this folder using app users?

    0
    Comment actions Permalink
  • Kourtney

    Hello, 

     

    So when you create an app using standard oauth2 with JWT auth, a service account will automatically be created. This service account will own all your content. Then, you can have app users that upload into the folder structure as collaborators. 

     

    I thought for all the app users (here app users refers to users of my health monitoring app), I would give access and refresh token of the "Admin User".  Question 1) I think this is not feasible right?

    You can do this two ways. You can either get access/refresh tokens for each app user or you can get one for your service account and use the as-user header to act on behalf of your app users. 

     

    Question 2) for this architecture where one admin user with a proper box login, and multiple "app-users", can you help me find API examples or some docs. I am confused how to do that.

    There is a folder in the admin account. Now how do I add files to this folder using app users?

    You will need to do one of the things I mentioned above: either get a token pair for the app user or use the as-user header. Once you're acting as an app user (you can verify this by using the get current user endpoint), you can use the upload endpoint

     

    Best, 

    Kourtney

     

    0
    Comment actions Permalink
  • krishna-nag

    Thanks a lot!

    So now, I have decided that I will create app-user, for each person who downloads my app. 

    Now, this app user has been assigned an initial access token. Then, I am having  difficulty in understanding how to authenticate this app user and make api calls from that.

    BoxAuthentication.BoxAuthenticationInfo info = new BoxAuthentication.BoxAuthenticationInfo();
    // Populate info with as much information known as possible. If the access token is not provided the refresh provider implementation's launchAuthUi method will be invoked.
    info.setAccessToken("the first access token");
    
    BoxSession session = new BoxSession(context, info, REFRESH_PROVIDER_IMPL);
    session.authenticate();

    I came across this in the android box-sdk, where I could authenticate using the access token obtained in the beginning.

    Here, I don't know what to do with REFRESH_PROVIDER_IMPL. How to renew the access token? 

    I could not find that in sdk, or in the API calls.

    Can you please help me figure out how to renew the access token? or just what exactly should my REFRESH_PROVIDER_IMPL be?

     

    Thanks a lot in advance! 

    0
    Comment actions Permalink
  • krishna-nag

    Basically I want to know  once an app user is created, how to use that user to upload, without any manual user requirement.

    App user has an access token, using which I want to be able to create client object to manage uploads.

    0
    Comment actions Permalink
  • Bhavdip Bhalodia

    Hi

    Have you find out any resolution in your issue. As I want to do same as you wanted before.

     

    Thank you

     

    0
    Comment actions Permalink

Please sign in to leave a comment.