We have a situation where we can find links pointing to Box files in user's local PC files in the following format.
We know which Enterprise this file points to but we don't know which user is the owner of this file.
We have an authentication setup for the Enterprise (JWT or Client Credentials Grant). However, we don't see a way to retrieve the file without knowing the user. The service account user does not see the file.
We were able to retrieve the file only by passing asUser header or explicitly generating a token for the owner of that file.
Is it possible to know the owner of the user by file ID or be able to retrieve the file without passing asUser header/generating user token?
P.S. We've read about Global Content Manager (GCM) at https://developer.box.com/guides/api-calls/permissions-and-errors/scopes/. If this is the only option than we have additional questions
1. Can any of our customers easily enable it on their own JWT/Client Credential Grant app's Service account user?
2. How many days does it usually take to enable it?
3. Whenever it is enabled what access service account user gets on the enterprise files? Read-only? Can service account user upload files without passing asUser header/generating user token too? If yes, will Box web UI show last modified user as "Service Account XXX"?