JWT access folders and files
Answered
1. Created a JWT application, with all possible application scopes, both advanced features turned on
2. In the admint console approved access to all Users
3. Using box_sub_type as "enterprise" while retrieving the accesstoken
4. When is access https://api.box.com/2.0/folders/0 I am getting the empty response as expected
5. When I pass a folder id to the above URL, i see the below error.
https://api.box.com/2.0/folders/81512160337
{"type":"error","status":404,"code":"not_found","context_info":{"errors":[{"reason":"invalid_parameter","name":"item","message":"Invalid value 'd_81512160337'. 'item' with value 'd_81512160337' not found"}]},"help_url":"http:\/\/developers.box.com\/docs\/#errors","message":"Not Found","request_id":"c1g5g8g5cxrtvxwm"}
6. When i try to search with a valid folder name, i see the below error
https://api.box.com/2.0/folders/search?type=folder&query=testEventTypes
{"type":"error","status":405,"code":"method_not_allowed","help_url":"http:\/\/developers.box.com\/docs\/#errors","message":"Method Not Allowed","request_id":"3pqzqeg5cxgh5oyr"}
-
Hi , so there are 2 issues here.
Firstly, when you authenticate through JWT you are not authenticated as a regular Box user, but as a Service Account. This Service Account has its own root folder and folder structure, and doesn't by default have access to folders owned by other users.
The simplest way to gain access to a folder owned by another user is to either collaborate (share) that folder with the service account, or to explicitly authenticate as that user with the As-User header.
https://developer.box.com/reference#as-user-1
As for your second issue, you seem to be getting that error because /folders/search is not an API endpoint we support. We do have a /search endpoint, which I think is what you were looking to use.
Please sign in to leave a comment.
Comments
3 comments