Grant permission to a 3rd party application to upload files on behalf of other users

回答済み
新規投稿

コメント

3件のコメント

  • cbetta

    Hi ,

     

    You have a few ways you could approach this. If you go for traditional OAuth 2.0 you can then have a user "log in" with Box and grant you access to write files to their Box account. This would give you a lot of access which might not be what they want, as you will be able to see and write to all their files and folders. The access token for this is valid for 60 minutes, but the refresh token is valid for 60 days, so in theory you can stay authenticated for each user indefinitely.

     

    A better approach might the the following: your application uses JWT to upload the files to a folder owned by your app's service account. You would have a folder for each user you want to share files with, and then you collaborate that Box user into that folder. That way, you don't even need a user to authenticate with you at all. Instead, all you'd need is their email address. 

    0
    コメントアクション パーマリンク
  • JRoeland

    This will do 🙂

    Thanks!

    0
    コメントアクション パーマリンク
  • dallinski

    I'm working on a very similar setup and came to basically the same conclusion as what you stated. But I have one follow-up question: if you use the approach that you propose, you would be limited by the size of your Box account, right?

     

    So if my app uploads 100GB to a folder that Company A is a collaborator on, and 100GB to a folder that Company B is a collaborator on, etc, I would eventually max out my allotted data, right? 

    0
    コメントアクション パーマリンク

サインインしてコメントを残してください。