Level up your Box knowledge with brand new learning paths on Box University. Visit training.box.com to get started

Grant credentials are invalid

New post

Comments

9 comments

  • Peter Christensen

    HI

    Yes, you do need to have the app authorized before you can use it to generate a token using the client credentials grant.

    Best regards,
    Peter Christensen, Platform Solutions Engineer, Box

    0
    Comment actions Permalink
  • Nidhi Joshi

    Thanks for the reply @Peter Christensen

    Just wanted to know who will authorize the app?

    I am using below syntax of payload is this correct or I need to modify this?

    string payload = 'grant_type=client_credentials&client_id='+clientid+'&client_secret='+clientpassword+'&username='+username+'&password='+password;
     req.setBody(payload);

    Thank you.

     

     

     

    0
    Comment actions Permalink
  • Peter Christensen

    The app will be authorized by your Box admin. When you submit for authorization they will get an email and can action your request. You can submit via the 'Authorization' tab in the developer console page for your app

    You should never put password in the payload with Box API. For client credentials grant please see this guide https://developer.box.com/guides/authentication/client-credentials/#how-to-use

    Rgds,

    Peter

    0
    Comment actions Permalink
  • Nidhi Joshi

    Hi Peter Christensen,

    Just wanted to know is there any way by which we don't need to authorize the app and we can still use it? Basically I want to integrate Salesforce to Box.

    Thanks,

    Nidhi

     

    0
    Comment actions Permalink
  • Peter Christensen

    Hi 

    If your access is backend only then your best option is to use the client credentials or JWT app server side apps. Both of these need admin approval and there is no way around this. 

    You could look at the standard 3-legged OAuth app which is what our existing Salesforce integration use. In most cases this does not require central admin approval but does require explicit approval by a user before you can request a token and is mostly used when there is a user persona interacting directly with Box.

    Rgds,
    Peter

    0
    Comment actions Permalink
  • Nidhi Joshi

    Peter Christensen, I have authorized my app by box admin, but still Iam getting 'grant Credentials invalid error'.

    Client ID : 0ahcovdzholujrpt39uh42r95i6i979m

    App access level is - App only access

    Authentication method is - OAuth 2.0 with Client Credentials Grant (Server Authentication)

    Basically I am trying to create a folder on box from Salesforce

    I’m following the guidelines mentioned. Payload which I am sending in the http request :

    string payload = 'client_id=' + clientid + '&client_secret=' + clientpassword + '&grant_type=client_credentials&box_subject_type=user&box_subject_id=' + boxSubjectId;

    Please help.

    Thanks

     

     

    0
    Comment actions Permalink
  • Peter Christensen

    Hi 

    To use the 'box_subject_type=user' you must have 'Generate user access tokens' advanced feature set in your app configuration. Also if the userId belongs to a managed user (a standard box user with box login) the app must have 'Enterprise' scope. Otherwise the app can only interact with app users created by the app.

    Note that you have to re-authorize the app when you change scopes and features. 

    0
    Comment actions Permalink
  • Nidhi Joshi

    Peter Christensen, ok, so either I can choose 'App Access Only' Scope with 'Generate user access tokens' feature set or 'Enterprise' scope. Am I right?

    0
    Comment actions Permalink
  • Nidhi Joshi

    Peter Christensen, I am getting 'API upload did not contain a file part ' error while uploading file to box. Could you please help me with the possible reason for this error? Thanks

    0
    Comment actions Permalink

Post is closed for comments.