Welcome to the new Box Support website. Check out all the details here on what’s changed.

Server Authentication usage

New post



  • Official comment

    Hey Steve, 

    When you create a grant using client credentials grant, a service account user is created as soon as the app is authorized in the Admin Console. When you specify the enterprise ID in the grant, you'll obtain an access token for this user by default. A service account will be created for the app in each EID the app is authorized in. You will not be able to access content in a non-managed user's account (aka a user in another enterprise). 

    Hope that helps, but let me know if you have any questions! 


    Kourtney, Box Developer Advocate

    Comment actions Permalink
  • Steve DeBusschere


    If you change the enterprise ID to another Box account that has also authorized the app, you can see their content without knowing their login credentials. We tested this and was surprised that it was true.



    Comment actions Permalink

Please sign in to leave a comment.