Server Authentication usage
Answered

My app will be used by other Box customers to access their files. I am testing the custom app authentication options that will allow my app to access every user's files within an enterprise account. I created a "Server Authentication (Client Credentials Consent)" app registration and consented to the app from two different Box accounts (e.g. "A" and "B"). I found that it is possible for account "A" to access the files in account "B" by specifying the enterprise ID for account "B". Is there no way to use the same app registration for multiple Box accounts? What is the recommended practice to build a "multi-tenant" application?
Official comment
Hey Steve,
When you create a grant using client credentials grant, a service account user is created as soon as the app is authorized in the Admin Console. When you specify the enterprise ID in the grant, you'll obtain an access token for this user by default. A service account will be created for the app in each EID the app is authorized in. You will not be able to access content in a non-managed user's account (aka a user in another enterprise).
Hope that helps, but let me know if you have any questions!
Best,
Kourtney, Box Developer Advocate
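An added example, not part of the original thread and not Box's code: because one set of app credentials can request a service account token for any enterprise that authorized the app, a multi-tenant backend should bind each customer to its enterprise ID server-side and never take that ID from the request. The `grant_type`, `box_subject_type` and `box_subject_id` fields are Box's client credentials grant parameters; the `Tenant` registry, function name, enterprise IDs and credential placeholders are constructed for illustration.

```python
"""Tenant-bound token requests for a Box client credentials grant (CCG) app."""
from dataclasses import dataclass
from urllib.parse import urlencode

BOX_TOKEN_URL = "https://api.box.com/oauth2/token"


class TenantIsolationError(Exception):
    """Raised when a request tries to reach an enterprise it is not bound to."""


@dataclass(frozen=True)
class Tenant:
    tenant_id: str       # our application's own identifier for the customer
    enterprise_id: str   # Box enterprise ID recorded when the admin authorized the app


# Constructed sample registry (hypothetical IDs). In production this lives in
# the app's database and is written only during a verified onboarding flow.
TENANTS = {
    "tenant-a": Tenant("tenant-a", "1111111"),
    "tenant-b": Tenant("tenant-b", "2222222"),
}


def build_token_request(session_tenant_id, requested_enterprise_id=None,
                        client_id="CLIENT_ID_PLACEHOLDER",
                        client_secret="CLIENT_SECRET_PLACEHOLDER"):
    """Return (url, form_body) for the CCG token call, scoped to the session's tenant.

    The enterprise ID always comes from the server-side registry. A
    caller-supplied ID is accepted only if it matches; otherwise it is rejected.
    """
    tenant = TENANTS.get(session_tenant_id)
    if tenant is None:
        raise TenantIsolationError("unknown tenant")
    if requested_enterprise_id not in (None, tenant.enterprise_id):
        raise TenantIsolationError("enterprise ID does not belong to this tenant")
    body = {
        "grant_type": "client_credentials",
        "client_id": client_id,
        "client_secret": client_secret,
        "box_subject_type": "enterprise",
        "box_subject_id": tenant.enterprise_id,
    }
    return BOX_TOKEN_URL, urlencode(body)
```

The returned form body is what would be POSTed to the token endpoint; logging each `TenantIsolationError` with the session's tenant gives a detection signal for cross-tenant access attempts.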