Skip to main content
Solved

Failed to create app user


  • Participating Frequently
  • 5 replies

Was trying to create an app user following this guide,



and with the following api request:


POST - https://api.box.com/2.0/users

request: {“is_platform_access_only”: true , “name”:“test”}

response:


{


“type”: “error”,


“status”: 403,


“code”: “access_denied_insufficient_permissions”,


“help_url”: “http://developers.box.com/docs/#errors”,


“message”: “Access denied - insufficient permission”,


“request_id”: “avrw5xhevqe1xti8”


}


What is missing? Can you please assist?


(I have verified I have sufficient permissions to create a user which is not an app user and it was created successfully)


Thanks

Best answer by smartoneinok Box

It is 12 per enterprise for search regardless of if they are internal or customer users.


-Alex

View original
Did this topic help you find an answer to your question?

9 replies

smartoneinok Box
Forum|alt.badge.img

Hi Henrick!


App Users have to be created using a service account. I assume that might be why you are getting this error.


Service accounts are created automatically after a JWT or CCG application is authorized by the primary admin. If you are using one of our sdk libraries, you can create a client with the service account. That should allow you to create app users. Here is an example of doing that with Python. Once you have a client, you should be able to create an app user, using something like this example here.


Unfortunately, you cannot use the as-user functionality to run commands for a service account.


Also - you can use the Box CLI, configuring it with a JWT or CCG application. Then if you ran a command similar to this, an app user can be created.


Alternatively, if you wanted to use CURL, you would need to go through the token request process to get an access token for the service account. You would then use that token in your call to create an app user.


I hope this helps. Let me know if I can clarify anything else!


Thanks,

Alex


  • Author
  • Participating Frequently
  • 5 replies
  • June 18, 2023

Thanks we are using the OAuth2 code flow, is it also creating a service account behind the scenes?

ca we create an app user our current flow or is it mandatory to use the service account flow?


smartoneinok Box
Forum|alt.badge.img

OAuth 2.0 app type does not create a service account. It uses your own managed user account instead. If you would like to create an app user, you will need to use a JWT or CCG auth type for your application.


Thanks,

Alex - Box Developer Advocate


  • Author
  • Participating Frequently
  • 5 replies
  • June 20, 2023

Thank you!

Do we need an additional consent flow or can we create a service account on behalf of our oauth app?


smartoneinok Box
Forum|alt.badge.img

Ah! I think I may have confused you a bit. You will have to make a new app that uses JWT or CCG. You will not be able to OAuth 2 app to create app users.



  • Author
  • Participating Frequently
  • 5 replies
  • June 22, 2023

Thanks, one last question, will creating app users help us to leverage and create more search api calls? will performing the call with as-user header of an app user will help us create more than 12 api calls per org? or is it limited regardless of any addition of app users?


Thanks!


The current limit stated by the documentation -

12 searches per second, per enterprise


smartoneinok Box
Forum|alt.badge.img

Correct. For that rate limit, its per enterprise. So if you had 13 app users doing a search in one second, you’d hit the rate limit.


  • Author
  • Participating Frequently
  • 5 replies
  • June 24, 2023

Thanks! and is that limit effected by customer api calls as well?

Or are they 12 api calls dedicated per application regardless of the number the customer is doing on his side?


smartoneinok Box
Forum|alt.badge.img
  • Senior Developer Advocate
  • 181 replies
  • Answer
  • June 26, 2023

It is 12 per enterprise for search regardless of if they are internal or customer users.


-Alex


Reply


Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

 
Cookie settings