Level up your Box knowledge with brand new learning paths on Box University. Visit training.box.com to get started

Box Status

"Server Authentication (with JWT)" versus "Server Authentication (Client Credentials Grant)"

S’abonner
Nouvelle publication
Steve DeBusschere

My application needs to access all Box user accounts in the Box enterprise. I'm trying to decide whether to use "Server Authentication (with JWT)" or "Server Authentication (Client Credentials Grant)". Using JWT requires an additional public/private key. Is this authentication option more secure? When should I use one versus the other? 

0

Commentaires

4 commentaires

Date Votes
  • Mr. Smith

    Could somebody at Box respond to this two-month-old question?

    0
    Actions pour les commentaires Permalien
  • Steve DeBusschere

    This is pretty bad support...3 months without any response from Box.

    0
    Actions pour les commentaires Permalien
  • Mr. Smith

    In hopes of getting attention from someone in Box's Support department, I wrote this today:

    https://support.box.com/hc/en-us/community/posts/4411241935379-Nobody-in-Box-Support-has-responded-to-our-support-request-from-three-months-ago

     

    0
    Actions pour les commentaires Permalien
  • Chris Daniels

    Apologies for the delay Steve, and thanks for the call out Mr. Smith.

    It really depends on what your end goal is here. Both authentication options are secure, but JWT authentication is more suited for app users, or for users that don't have a Box account already.  Utilizing the Client Credentials Grant or Client Side authentication, is ideal for users that already have Box accounts and is the most user friendly.


    I recommend you take a look at our developer documentation that deals specifically with authentication. That documentation can be found here.

    0
    Actions pour les commentaires Permalien

Vous devez vous connecter pour laisser un commentaire.