I am trying to implement a particular functionality where i am trying to retrieve the download url of a file in one of the folders using box’s api.

I have created a box application with OAuth 2.0 with JSON Web Tokens (Server Authentication).

below mentioned is my application’s scope:

Application Access

All Users

Application Scopes

• Manage groups
• Manage retention policies
• Manage signature requests
• Read and write all files and folders stored in Box
• Manage app users
• Enable integrations
• Manage enterprise properties
• Manage users
• Manage Relay
• Admin can make calls on behalf of users
• Manage webhooks v2
• Generate user access tokens

I am using boxsdk python to write my functions / api’s. Below is my code snippet which mentions how my client is initialized and the api where i am facing the issue “Message: Access denied - insufficient permission”.

user_to_impersonate = client.user(user_id='eUSER_ID]')
user_client = client.as_user(user_to_impersonate)

def get_download_url():
    """
    API endpoint to get the download URL of a file from Box.
    Query Parameters:
        file_id (str): The ID of the file in Box.
    """
    try:
        # Get Box client
        client = get_box_client()

        # Get the file ID from query parameters
        file_id = request.args.get('file_id')
        if not file_id:
            return jsonify({'error': 'file_id is required'}), 400

        # Fetch file information from Box
        file = client.file(file_id).get()  # Ensure the file exists
        print(f"File retrieved: {file.name}")

        # Get the download URL
        download_url = client.file(file_id).get_download_url()
        if download_url:
            return jsonify({'file_id': file_id, 'file_name': file.name, 'download_url': download_url})
        else:
            return jsonify({'error': 'Failed to retrieve download URL'}), 404
    except Exception as e:
        return jsonify({'error': str(e)}), 500