Welcome to the new Box Support website. Check out all the details here on what’s changed.

Web app OAuth

New post

Comments

3 comments

  • Kourtney

    Hey , 

     

    Could you please share some more information about your use case of your application so I can provide the best possible suggestion on which authentication method to use? 

     

    Best, 

    Kourtney 

    0
    Comment actions Permalink
  • vladimirt

    hi, 

    our app should be capable of reading / writing files to various services - GDrive, Box, Dropbox etc through the OAuth2 authorization flow.

    We have no backend available, so we can't store securely refresh tokens, nor the client secret Id's. For example, for the GDrive we are using scenario described here https://developers.google.com/identity/protocols/OAuth2UserAgent. It performs the OAuth2 implicit grant flow. 

    I'd like to know how to securely perform the OAuth2 authorization to BOX api with no backend (without the client secret Id). Or, is it ok to store the client secret on the client side? 

     

    0
    Comment actions Permalink
  • kevincassidyds

    Hi  , did you every find out if it was possible to achieve this?

    0
    Comment actions Permalink

Please sign in to leave a comment.