Is it possible to access a shared external folder using JWT authentication?
回答済みGreetings,
I am trying to integrate our app with Box, so we could upload some files to an external folder, shared by a customer from their Box account. This folder is visible to our Box account as an External folder and is shared with my_user as an editor.
So far, we could create a first version of a custom app in our Box account, using the Python sdk. This app was configured with OAuth2.0 authentication and using a Developer token. Considering this, we could access this external folder and upload files to it, using our python code with oath2.0 client and developer token.
What we want now is a more automatic approach, without human interaction, so we won't need to generate this developer token every time.
For this, we modified our app using JWT authentication and impersonating the client as my_user (which should have access to this external folder). Now, our app can access the existing folders from our Box account, but when we try to access this external folder, it returns "404 - Not Found".
Can you guide me if do we need any extra configuration from this JWT client or in this external folder?
Here is our app configuration in Box developer console:
- Authentication Method: OAuth2.0 with JWT
- Application Access: Enterprise
- Application Scopes: ( all options are checked )
- Advanced Features:
- Perform Action as Users - ON
- Generate User Access Tokens - ON
(this app is already authorized by our admin after setting this configurations)
Here is a code sample:
auth = JWTAuth.from_settings_file('my_key_file.json')
# works fine here...
-
正式なコメント
Hello Arthur,
External content cannot be accessed via the as-user header. Therefore, you will need to directly obtain an access token for the user.
Best,
Kourtney
コメントアクション -
Arthur,
This is done in your JWT assertion. You'll want to set the box_sub_type=user and sub=userID you want the token for.
Best,
Kourtney
-
Hi Kourtney,
This link that I your shared was very useful and I could move on with the JWT assertion.
Specially the Code Samples section, where there is this github repo with complete code examples on how to use the JWT assertion, in my case using Python3:
https://github.com/box-community/samples-docs-authenticate-with-jwt-api/blob/master/sample.3.py
I just used this code and the modifications that you suggested for the token and it works, I can access and modify the external folder.
Thanks a lot.
サインインしてコメントを残してください。
コメント
4件のコメント