[.NET] Service Account with Editor Permissions Getting Insufficient Scope Error




  • 正式なコメント
    Alex Novotny

    Hi Daren, 

    Happy to try to help. 

    Can I have the client id associated with the application you're having issues with? 


    Alex, Box Developer Advocate

    コメントアクション Permalink
  • Daren Porter ASR

    Hi Alex,

    Thank you for following up.  I was actually able to solve the problem by re-creating the app and re-inviting the new Service Account, though I'm not sure what was preventing it from working correctly originally.  For any future readers, here are all of the steps I had to follow to allow my Service Account to upload to an existing Enterprise folder:

    1. In the developer console, create a new Custom App and select JWT Auth as the method of authentication.
    2. In the app's Configuration tab, set App Access Level to "App + Enterprise Access"
    3. Select any other Actions the app will need to perform under Application Scopes (everything I needed was already selected after changing the above)
    4. Under "Add and Manage Public Keys", generate a new key pair and download the JSON configuration file
    5. Request authorization from enterprise admin to generate a Service Account
    6. Once authorized, copy the Service Account's generated email address as listed under "Service Account Info" in the General Settings tab
    7. Navigate back to the target folder / box location and Manage Collaborators.  Invite the Service Account to collaborate with at least Editor-level permissions.

    After doing all of the above, I was able to authenticate successfully and upload a file to my target folder.  My guess is that my initial app was unintentionally created as a Limited Access App, so even though it was explicitly listed as a Collaborator before, the overall app permission wasn't enough to permit the upload.  A total guess, but either way the above steps should work for anyone in a similar position.

    コメントアクション Permalink
  • Alex Novotny

    Awesome. Thanks for letting me know. Reach back out if you have further issues!

    コメントアクション Permalink