JWT Auto-Login to Webpage with Box Embeded Widget
I would like to open a webpage that contains the Box Embeded widget, but will automatically authenticate using JWT server authentication. The sign in would be transparent to the user and everyone would use the same service account. Is this possible? I have an application created and the OAuth 2.0 with JWT authentication works but I'm unsure how to open the webpage with the embeded widget after authentication. Everytime the page loads I am prompted for the box username and password to be entered. The reason the widget must be used is so that the user has search available to them as well as defaulting to grid view. Our use case is very similar to this previously closed post. https://community.box.com/t5/Archive-Forum/Box-Embed-Auto-Login/td-p/52498
Thanks in advance.
-
Hi ,
Just so that I'm clear on the use case, basically you:
- Go through the JWT / OAuth 2 flow with you application.
- All content for the shared links will be stored in the service account of the application.
- You then generate a Box embed widget for a piece of content selected.
If I have that correct, here's how I would approach it:
First you have the JWT auth process that gives you a valid access token / client object to access all of the data within the service account. Once you know which piece of content that you would like to load up in the Embed widget, you will get a shared link for that content.
The Box embed widget code looks something like this, expecting a shared link in the iframe:
When you load up a new page with that embed widget, you can potentially use an HTML templating system like pug (or something in the language you're using). This will allow you to inject variables (like the shared link value) into the HTML when rendered. You can also use JavaScript directly to adjust that value for the source. That will allow you to dynamically change the source of the iframe.
Hope that helps,
Jon
Please sign in to leave a comment.
Comments
1 comment