Box has wonderful integrations for online document editing in word, excel, and adobe pdfs which makes it enticing to use for any document management application. However in an application that is setup using server authorization with JWT and app only access there is a service account created to store the files and app users which seem to be more so artificial and not actual box accounts individually. In this scenario, can individual users that are authenticating against our own identity provider (one of the main reasons to use the server authentication with Box API) edit files online with the online editing tools provided by Box? If so how are they accessing these file in their own individual app user account since Box API makes it seem like these app users are not truly user accounts. I would be curious if all users were granted folder access and were given the web link to each of the files, how would the API know which user is editing the file since there is no user access token generated to specify the box user account editing the file.