Welcome to the new Box Support website. Check out all the details here on what’s changed.

Cannot access Event API

Answered
New post

Comments

6 comments

  • Official comment
    Kourtney

    It looks like you've selected AppToken Authorization. This type of authentication is only for use with our preview services and has limited API capabilities. The accessible endpoints can be found here: https://developer.box.com/guides/authentication/app-token/endpoints/

    In order to interact with the events API you will need to select a different authentication type. 

    Comment actions Permalink
  • Chrissy

    Kourtney, will you please be more specific on which kind of auth methods that the Event API support?

    What about JWT?

    0
    Comment actions Permalink
  • Kourtney

    Hey Christina! Happy to elaborate here. You can use either Standard OAuth2 or JWT with the events endpoint. The only authentication method that will not work is app token auth. 

    0
    Comment actions Permalink
  • Chrissy

    Thanks!
    Hope I'm not hijacking the post, but maybe others will find my question related to this helpful;
    I get the same 403 forbidden error while using JWT auth with my application (authenticating as the service account of my app via the .json file) on the events endpoint. But using other endpoints with my app goes fine. Then, when I use the developer token (and authenticate as my current user) the events endpoint returns successfully.

    Are you sure about the JWT support? Or are there any prereqs. for this auth method combined with this endpoint?

    1
    Comment actions Permalink
  • Kourtney

    When you generate a developer token it will be associated with whatever user is logged into the developer console when you click the generate button. The events endpoint can only be used by admins or co-admins with proper permissions, so if this user does not have those privileges you'll receive a 403. This is noted here: https://developer.box.com/reference/get-events/. 

    Hope that helps! 

    1
    Comment actions Permalink
  • ashwant

    So there is no way to use events API with a non expiring token,
    What is the easiest way to refresh the tokens programmatically without app tokens?

    0
    Comment actions Permalink

Please sign in to leave a comment.