Reputation: 11269
Unable to use Box API Enterprise API with OAuth2 authenticated app
What I understand is Enterprise API from Box works only with server-server JWT auth and not like OAuth2 based authentication. Box integrations which haveOAuth2 based authentication support only Content API and not the Enterprise API.
Is there way to have OAuth & Ebterprise API at the same time? (I essentially want to manage users & groups any third party enterprise)
Any thoughts/pointers? Thanks in advance!
Upvotes: 0
Views: 259
Answers (1)
Reputation: 8035
What I understand is Enterprise API from Box works only with server-server JWT auth and not like OAuth2 based authentication.
This is not correct, though I can see how you could arrive at that understanding. You can work with the Box Enterprise API using traditional 3-Legged OAuth. In fact, for many years 3-Legged OAuth was the only way to work with the Box API.
In order for a 3-Legged OAuth access token to make Enterprise API calls:
- The appropriate Enterprise scopes must be selected in the app configuration.
- The token must have been issued for a user with enterprise admin/co-admin privileges.
The relationship between JWT auth and the Enterprise API is one of convenience. Enterprise API apps are often non-interactive server-side scripts and/or scaled out to multiple processes. In these scenarios JWT is much easier to work with than 3-Legged OAuth.
Upvotes: 2
Related Questions
- Box API token request enterprise configuration issue
- Box oauth2: Invalid grant_type parameter or parameter missing
- invalid_grant error when attempting oAuth2 for Box API
- Configuring BOX OAuth app for iOS & Desktop
- Android Box API unable to function after initial OAuth
- Login with Box account
- box.com api OAuth authentication
- Box OAuth2 Authorization on Android
- Error when authenticating Box app with Enterprise account that uses SSO
- Box API 2.0 doesn't accept auth_token, whereas v1.0 does