Level up your Box knowledge with brand new learning paths on Box University. Visit training.box.com to get started

Unable to re-authorize

Answered
New post

Comments

8 comments

  • Official comment
    Alex Novotny

    Hi Mark, 

    Do you have a client_id I can look up on my end? I tried to look it up based on your email, but the enterprise tied to this support post is a free developer account with no applications. 

    Thanks, 

    Alex, Box Developer Advocate

    Comment actions Permalink
  • Mark Pemburn

    Hi Alex,

    Thanks for getting back to me so quickly!  I'm really keen to get this working.  My client ID is: 5pgzihvaltwo5gyscvo8mlskatd1plxf

    Mark

    0
    Comment actions Permalink
  • Mark Pemburn

    Oh also (if you don't mind): I pulled in the Postman environment from your Guides, and the headers for the access token requests include a Bearer token in the Authorization header, and a box_visitor_id in the Cookie header.  I have no idea where these come from, or whether they can be saved for my configuration.  Can you clue me?  Thanks!

    0
    Comment actions Permalink
  • Alex Novotny

    Thank you for the information. 

    You can leave all the pieces in postman as they are.

    The token for authorization can be used if you generate a developer token(valid for 60 mins) in the dev console like this:

    and then use it in a postman call like so:

     

    0
    Comment actions Permalink
  • Alex Novotny

    For the code issue. You want to input that url from postman into a chrome window:

    The code appears in the url bar like below. It is only valid for a very very short amount of time. So, you have to move quickly. 

    You then input the code and the other information in Postman to get a token: 

    0
    Comment actions Permalink
  • Mark Pemburn

    Hi Alex,

    That worked—thank you!

    I was wondering though, how do I translate this into my Laravel-based app environment?  My hope is that all of this can be done completely transparently to the user.  Our vision is that our users can go into our app, click on "Files from Box" and get a dialog that shows them their folders and files. They would navigate to the appropriate folder and select one or more file which would then be automatically copied to our database.  I've done a proof-of-concept on most of this and it will work as described.

    The big thing is either to allow us to connect our app to the user's corporate Box account or, ideally, allow individual users to to connect their Box account to their user profile.  Better still, they could do both.

    So, my question is essentially, is what I outline above possible and, if so, where do go to find a roadmap to this kind of integration?


    Best regards,

    Mark

    0
    Comment actions Permalink
  • Alex Novotny

    Morning Mark, 

    We don't really have roadmaps for every specific kind of integration you can build. That being said, you could follow this guide for doing what you did in postman in an actual application re: OAuth 2.0 authentication. I will say that going that OAuth route will require a user to know you are connecting to Box/using Box at all. This guide goes over our different authentication types and what their user experiences are. If you don't want a user to know you are using Box, JWT will be the best bet. You can also create what are called app users with JWT apps, essentially a user account that can store content for a user in a custom application. 

    Hope this helps!

    Thanks, 

    Alex, Box Developer Advocate

    0
    Comment actions Permalink
  • Mark Pemburn

    Thanks, Alex—think I'll give the JWT route a try.

    0
    Comment actions Permalink

Please sign in to leave a comment.