List recently accessed items - 403 Forbidden

I've created an .net core application that uses the Box API to provide a set of features.

The authentication is performed using jwt without sdk, as described here.

After authenticating, all requests to the Box API use the Token obtained in the authentication process.

All Box Api endpoints i tried are working correctly, as the endpoints for Folders, Files, Metadata, etc.

The latest Api endpoint i tried to use was the List recently accessed items, documented here.

For some reason that i'm not understanding, when using the same Token that provides access to all API endpoints i tried as Folders, Files, Metadata, etc, the 2.0/recent_items endpoint, returns a 403 Forbidden error.

Here the details of a request to the endpoint.

GET /2.0/recent_items HTTP/1.1
Host: api.box.com
Authorization: Bearer xYjRMUwfEqlimbIQbglDBlBu1OKbd---

The response:

403 Forbidden

Date: Sat, 08 Feb 2020 21:49:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
BOX-REQUEST-ID: 1ff7f21bace5e2b5684208244542e8154

When using the exact same Token for a different endpoint, everything works as expected, for example:

GET /2.0/folders/0/items HTTP/1.1
Host: api.box.com
Authorization: Bearer xYjRMUwfEqlimbIQbglDBlBu1OKbd---

The Response:

200 OK

Date: Sat, 08 Feb 2020 21:51:39 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store
Vary: Accept-Encoding
BOX-REQUEST-ID: 0fc1d76e650d40ea4b8397ac98ffbfee8

The documentation does not suggest anything specific regarding Authorization.

Is there anything missing on the documentation, something i need to configure, etc?

What am i missing, and why is it not working?

Thank you very much!

The selected application (KTnext) is authorized to access the following within your enterprise: Read and write all files and folders stored in Box Manage groups Manage webhooks v2 Manage enterprise properties Manage retention policies Admin can make calls on behalf of Users Enable integrations Manage users Manage app users Generate Tokens For the following users: All Users

Box Product Support

2020年02月08日 17:13

When checking the App Authorization, it has all the available scopes, so i can't understand why listing the recent files is failing:

What am i missing?

WimDecorte

2021年09月22日 15:38

still an issue: https://support.box.com/hc/en-us/community/posts/4406746382995-403-unauthorized-when-calling-for-recent-items-box-node-sdk

2021年10月25日 14:06

Anybody?

Also asked the question on GitHub to get a little more traction. This is currently blocking an integration project.

https://github.com/box/box-node-sdk/issues/678

コメント