Level up your Box knowledge with brand new learning paths on Box University. Visit training.box.com to get started

Web app OAuth

Nouvelle publication


3 commentaires

  • Kourtney

    Hey , 


    Could you please share some more information about your use case of your application so I can provide the best possible suggestion on which authentication method to use? 




    Actions pour les commentaires Permalien
  • vladimirt


    our app should be capable of reading / writing files to various services - GDrive, Box, Dropbox etc through the OAuth2 authorization flow.

    We have no backend available, so we can't store securely refresh tokens, nor the client secret Id's. For example, for the GDrive we are using scenario described here https://developers.google.com/identity/protocols/OAuth2UserAgent. It performs the OAuth2 implicit grant flow. 

    I'd like to know how to securely perform the OAuth2 authorization to BOX api with no backend (without the client secret Id). Or, is it ok to store the client secret on the client side? 


    Actions pour les commentaires Permalien
  • kevincassidyds

    Hi  , did you every find out if it was possible to achieve this?

    Actions pour les commentaires Permalien

Vous devez vous connecter pour laisser un commentaire.