List recently accessed items - 403 Forbidden

Follow

New post

Box Product Support

• February 08, 2020 13:56

I've created an .net core application that uses the Box API to provide a set of features.

The authentication is performed using jwt without sdk, as described here.

After authenticating, all requests to the Box API use the Token obtained in the authentication process.

 

All Box Api endpoints i tried are working correctly, as the endpoints for Folders, Files, Metadata, etc.

The latest Api endpoint i tried to use was the List recently accessed items, documented here.

 

For some reason that i'm not understanding, when using the same Token that provides access to all API endpoints i tried as Folders, Files, Metadata, etc, the 2.0/recent_items endpoint, returns a 403 Forbidden error.

 

Here the details of a request to the endpoint.

 

GET /2.0/recent_items HTTP/1.1
Host: api.box.com
Authorization: Bearer xYjRMUwfEqlimbIQbglDBlBu1OKbd---

 

The response:

 

403 Forbidden

Date: Sat, 08 Feb 2020 21:49:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
BOX-REQUEST-ID: 1ff7f21bace5e2b5684208244542e8154

 

When using the exact same Token for a different endpoint, everything works as expected, for example:

 

GET /2.0/folders/0/items HTTP/1.1
Host: api.box.com
Authorization: Bearer xYjRMUwfEqlimbIQbglDBlBu1OKbd---

 

The Response:

200 OK

Date: Sat, 08 Feb 2020 21:51:39 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store
Vary: Accept-Encoding
BOX-REQUEST-ID: 0fc1d76e650d40ea4b8397ac98ffbfee8

 

The documentation does not suggest anything specific regarding Authorization.

Is there anything missing on the documentation, something i need to configure, etc?

What am i missing, and why is it not working?

 

Thank you very much!

 

 

0

• 

  Box Product Support

  • February 08, 2020 17:13

  When checking the App Authorization, it has all the available scopes, so i can't understand why listing the recent files is failing:

  The selected application (KTnext) is authorized to access the following within your enterprise:
  Read and write all files and folders stored in Box
  Manage groups
  Manage webhooks v2
  Manage enterprise properties
  Manage retention policies
  Admin can make calls on behalf of Users
  Enable integrations
  Manage users
  Manage app users
  Generate Tokens
  For the following users:
  All Users

   

  What am i missing?

  0

  Comment actions Permalink
• 

  WimDecorte

  • September 22, 2021 15:38

  still an issue: https://support.box.com/hc/en-us/community/posts/4406746382995-403-unauthorized-when-calling-for-recent-items-box-node-sdk

  0

  Comment actions Permalink
• 

  WimDecorte

  • October 25, 2021 14:06

  Anybody?

  Also asked the question on GitHub to get a little more traction.  This is currently blocking an integration project.

  https://github.com/box/box-node-sdk/issues/678

  0

  Comment actions Permalink

Please sign in to leave a comment.