Level up your Box knowledge with brand new learning paths on Box University. Visit training.box.com to get started

Server Authentication usage

Answered
New post

Comments

2 comments

  • Official comment
    Kourtney

    Hey Steve, 

    When you create a grant using client credentials grant, a service account user is created as soon as the app is authorized in the Admin Console. When you specify the enterprise ID in the grant, you'll obtain an access token for this user by default. A service account will be created for the app in each EID the app is authorized in. You will not be able to access content in a non-managed user's account (aka a user in another enterprise). 

    Hope that helps, but let me know if you have any questions! 

    Best,

    Kourtney, Box Developer Advocate

    Comment actions Permalink
  • Steve DeBusschere

    Kourtney,

    If you change the enterprise ID to another Box account that has also authorized the app, you can see their content without knowing their login credentials. We tested this and was surprised that it was true.

    Steve

     

    0
    Comment actions Permalink

Please sign in to leave a comment.