Level up your Box knowledge with brand new learning paths on Box University. Visit training.box.com to get started

Is service account user more prone to throttling?

New post

Comments

3 comments

  • Mr. Smith

    Dear Box Support, could you please reply to this query that is now six months old?

    1
    Comment actions Permalink
  • Mr. Smith

    I created another issue to bring visibility back to the issue you are reading. It is here:

    https://support.box.com/hc/en-us/community/posts/4417142879891-Please-reply-to-six-month-old-forum-query-about-throttling-and-service-accounts-

    0
    Comment actions Permalink
  • Paul

    Hey Vahe,

    1. Each enterprise that authorizes an application has a separate service account generated that is unique for that enterprise. That account only has access into any content it may own and only the enterprise that authorized the application. With regards to rate limiting, each one of those service accounts will be under a separate rate limit that defers to our standard rate limiting policies, there is not a special rate limit for service accounts.

    2. In both authentication options, there is a portion that should never be exposed to the customers. For JWT that is your key pair, for client credentials grant that is your client secret. In both cases the admins would authorize the application by using the client id, but the token generation process should never take place in a manner where either your client secret or the key pair is exposed to the end users.

    3. The main admin of the enterprise by default has the ability to utilize the As-User header when using a token generated from their account. For Co-Admins that would want to do utilize that header they would first need to be granted the correct Co-Admin permissions. "Log in to users' accounts" would be the minimum required permission to utilize the As-User header, but depending on what actions you want to perform you will likely need other co-admin permissions as well.

    0
    Comment actions Permalink

Post is closed for comments.