Skip to main content

Eliminate the grant access page

  • November 6, 2023
  • 1 reply
  • 118 views

  • Known Participant
  • 15 replies

Is there a way to eliminate the grant access page if a user is already given access to the app? Or is there any other type of custom app I can use for this purpose?

My requirement is just to verify that the visitor is an actual box user or not.


Once the user grants we store the tokens and refreshs the token before the expiry of the refresh token.


A similar way where users can log in with Google. And access grant is asked only first time.

1 reply

rbarbosa Box
  • Developer Advocate
  • 553 replies
  • November 6, 2023

Hi @MBenny


I’m not sure what your question is Beeny.


You’re describing the normal behavior for a Box OAuth 2.0 app.


So the first time the user authorizes the app.


In that process your app gets an access token and a refresh token, valid for 60 minutes and 60 days. You should store these tokens somewhere safe.


The second time, your app needs to get the tokens from before.


If the access token is still valid (< 60 minutes) then just use that.


If not, but the refresh token is still valid (<60 days), then use that token to get a new access token. Your app will also get a fresh new refresh token. Store these again, and use the access token


If your refresh token is expired, your app needs to go through the authorization process again.


Not sure if python is your things, but here is a sample app template that implement OAuth:



Let us know if this helps.


Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

 
Cookie settings