Hi guys! I am new here and I am trying to outline the types of users I have in the application I want to build, but I'm getting a little confused about the various user types and which type of application I need to build.
We are building a custom app that we want to integrate Box into for storing sensitive files. Here is the logic:
We are the developers of the app, so naturally, we will have a developer account where we authenticate the app. (Are we the Service Account?)
There are two types of users of the app:
1. Advisors - they will need to log into their Box account for the app to gain access to their files. We want to do this with a Box login screen within the app. (What type of user is this?)
2. Clients - the clients are users that the advisors invite to use the app. They do not need to have a Box account, but need to be able to upload documents to the Box account associated with their advisor. (I think they would be App Users)
I'm getting a little lost between Service Account versus Managed User and how that means they can connect with Box. We want to make sure it's very easy for the Advisors, and they can just use the OAuth interface.
Does anyone have any advice for how to set this up? I appreciate it so much!!!
I'm going to try and help as best I can!
Service Account - When you create and authorize a JWT auth custom app, a service account is automatically created. This account represents the application, as well as creates a separate Box account to store the apps content - similar to a managed user, but you can't log in like a regular user in the main Box web app.
Managed/External User - Managed and external users are essentially the same thing - the only difference is that external users are ones not in your specific Box enterprise instance. These are standard users that can log in via the main Box web app.
App User - Using a service account, you can create app users. An app user is a type of account that doesn't allow you to log in via the main Box web app, but still allows you to store a user's content - a custom portal would be a great example of this.
With your use case, it sounds like you might need two Box applications: one for internal usage that uses OAuth 2.0 and one for external collaboration with app users who use a custom portal of sorts. In any case, I would for sure look into working with our Box Consulting group. They help folks get these types of solutions up and running all the time.
Hope this helps,
Alex, Box Developer AdvocateComment actions
Please sign in to leave a comment.