Welcome to the new Box Support website. Check out all the details here on what’s changed.

Box Status

Way how to connect existed box storage via server side

Follow
New post
Roman L
  • Edited

Hi, thanks in advance for help, I'm really new in Box so maybe someone could give me direction ..

My current task:

  • I'd like to use my web application as a client to Box API (just limited set of functions).
  • I need to connect to my web app as many Box storages (accounts) as it needs and safely store them to use during operations with Box API  (i'll give ui form for this to web app users who want to connect their Box storages to my web app)
  • I have some automated functionality that uses Box API (here I understand that I need something like server authentication because I can't use OAuth or something that needs user to give web app rights every time when it needs to use API)

So the main flow is:

  • user have a Box Storage with\without assets there
  • user want to connect it ti my web app
  • user somehow get credentials for server side auth in his Box account
  • user pass the to my web app
  • wed app can use connection to user storage and use Box APIs

Could someone please give me direction of how to do this? I want to try flow as POC at first. And is it possible at all?

0

Comments

3 comments

Date Votes
  • Alex Novotny

    Hello, 

    We have quite a bit of documentation on this topic on our developer site. Please refer here. Based on your description, I think our Oauth 2.0 authentication type works the best.

    Alex, Box Developer Advocate

    0
    Comment actions Permalink
  • Roman L

    Hi Alex, thanks for reply

    But as I mentioned above I need that my web app make some API calls in automate mode (like nightly check does file still exists).
    And in this case i think that OAuth is not what I'm looking for because it needs user actions "OAuth 2.0 requires the application to redirect end-users to their browser to login to Box and authorize the application to take actions on their behalf."
    Or I mistaken and this action needs only once during first connection?

    Anyway I'd like to use something like server side auth.
    Like secret key or something like this.
    I know that Box have App Token Auth but I can't get how owner of Box storage (when he creates Box App and connects it to my web app) can give access this (created and connected to my web app) Box App to his Box Storage?

    Again thanks a lot for your answers

    0
    Comment actions Permalink
  • Alex Novotny

    When you go through the OAuth flow, you get an access token that's good for 60 minutes.... and a refresh token that is good for 60 days... The only reason they would need to go through the grant access screen again is if its post-60 days from when they set it up initially. 

    0
    Comment actions Permalink

Post is closed for comments.