Insufficient scope for file upload in Python, using JWT
回答済み
Hi, I need to upload documents on a regular basis to an internal Box account with my enterprise app. I have a python script that pulls files across a tunnel and then will need to push them into a specific box folder.
Using JWT, box generated public/private key.
Enterprise app is approved, I have a service account.
I've attached the enterprise app service account to the box folder I want to use, even made them co-owner.
Access token allows me to see the folder, but whenever I try to upload a file to the folder I'm getting these errors:
[31m"OPTIONS https://api.box.com/2.0/files/content" 403 0
{'Date': 'Tue, 15 Feb 2022 16:39:57 GMT', 'Transfer-Encoding': 'chunked', 'Connection': 'keep-alive', 'x-envoy-upstream-service-time': '103', 'www-authenticate': 'Bearer realm="Service", error="insufficient_scope", error_description="The request requires higher privileges than provided by the access token."', 'box-request-id': '0d217a9cfb69f96b33612a57e4b53e785', 'strict-transport-security': 'max-age=31536000'}
b''
[0m
The process worked ok using the 1 hr developer token.
-
Hi,
Are you using our Python SDK? What scopes does the app you created have? And How are you generating the token?
Alex, Box Developer Advocate
-
Hi Alex, yes the Python SDK. Using the JWT token with the dev box created public/private key json rider file that I'm reading in the script.
import boxsdk
from boxsdk import Client, OAuth2, JWTAuth
config = JWTAuth.from_settings_file('<file location>')
client=Client(config)I have the scope to read and write all files stored in box, it has enterprise manage users/groups/properties (it's configured as an App + Enterprise Access) although I don't need to do anything with users, just uploading files from a local folder to a specific box folder on a regular basis.
It's connecting fine, and I can find the folder via the script which was created by me in my enterprise, and I've given the service account multiple different permission levels, including co-owner (although uploader should be sufficient for what I need to do!) without success.
-
I don't think you need to import OAuth2.... Refer to the instructions here
Here's an example of uploading a file too!
-
Yeah, even without loading OAuth2 it still says the same error:
[31m"OPTIONS https://api.box.com/2.0/files/content" 403 0
{'Date': 'Wed, 16 Feb 2022 17:13:20 GMT', 'Transfer-Encoding': 'chunked', 'Connection': 'keep-alive', 'x-envoy-upstream-service-time': '145', 'www-authenticate': 'Bearer realm="Service", error="insufficient_scope", error_description="The request requires higher privileges than provided by the access token."', 'box-request-id': '11d1a55ebb8f28241e0e7eb0025227341', 'strict-transport-security': 'max-age=31536000'}
b''
[0mI can get the Box folder info ok with the token, here is my latest test script (had to double check there wasn't private info)
import boxsdk
from boxsdk import Client, JWTAuth
from boxsdk.exception import BoxAPIException
config = JWTAuth.from_settings_file('C:\\YardiPython\\79150963_5qcdz3aj_config.json')
client=Client(config)
root_folder=client.folder('154957528460')
print(root_folder.get())
cur_user=client.user().get()
print(cur_user)
boxItems = client.folder(folder_id='0').get_items()
for boxItem in boxItems:
boxFoldName = boxItem.name
boxFoldId = boxItem.id
print(boxFoldName,boxFoldId)
if boxFoldName == 'BLVD Leases':
destboxFoldID = boxFoldId
print(destboxFoldID)
try:
box_file = client.folder(destboxFoldID).upload('C:\\YardiFileExtract\\Attachment_name.pdf', preflight_check=True)
except BoxAPIException:
pass
投稿コメントは受け付けていません。
コメント
11件のコメント