Solved

Folder Lock API: Always receiving 404 "not_found" for folder ID

Forum|Forum|2 years ago
June 23, 2023
9 replies
282 views

aaron
New Participant
4 replies

I’m trying to build some features using the Folder Lock API: https://developer.box.com/reference/post-folder-locks/.

However, when I try to do a simple curl POST command to lock a folder, I always receive a 404 “not_found” regardless of the folder I pass to it. The GET command works fine and obviously returns an empty array since I haven’t successfully locked a folder yet, but I know the endpoint and my access token works fine.

Are there other exceptions to this feature that aren’t documented? I have ensured I am the sole owner of the folder (no co-owners), but it has been shared with others a Editors.

For added detail, I am using the Oauth 2.0 method for access.

Any help/guidance on locking folders via the API would be much appreciated!

Best answer by shurrey Box

hmmm, maybe a missing scope. What do the scopes look like in your app in the developer console?

shurrey Box
Head of Developer Relations
47 replies
Forum|Forum|2 years ago
June 23, 2023

Hi @aaron. Do you get the full error message in response to your curl call?

Example:

{
  "type": "error",
  "status": 404,
  "code": "not_found",
  "help_url": "http://developers.box.com/docs/#errors",
  "message": "Authorization Failed",
  "request_id": "0c542d24b7e5d4529f46074f93eb65e0"
}

aaron
Author
New Participant
4 replies
Forum|Forum|2 years ago
June 23, 2023

Yes, I do.

{
  "type":"error",
  "status":404,
  "code":"not_found",
  "help_url":"http://developers.box.com/docs/#errors",
  "message":"Authorization Failed",
  "request_id":"0de3761e24d71e887e31fcadf078919c8"
}

I’ve ensured that via Oauth 2.0, I am authenticated with the same user ID that owns the folder by using the /users/me and the /folders/{folder_id} endpoints as well. I’m not sure if it’s odd or not that I can successfully get folder lock info via GET and the URL query ?folder_id= but not POST with the JSON body.

shurrey Box
Head of Developer Relations
47 replies
Forum|Forum|2 years ago
June 23, 2023

Interesting. I tried this on my test system with postman and it worked ok:

POST {{baseUrl}}/folder_locks

Body

{
  "folder": {
    "type": "folder",
    "id": "{{folder_id}}"
  },
  "locked_operations": {
    "move": true,
    "delete": true
  }
}

Response:

{
    "folder": {
        "type": "folder",
        "id": "163944286342",
        "sequence_id": "0",
        "etag": "0",
        "name": "test folder"
    },
    "id": "2805613200",
    "type": "folder_lock",
    "created_by": {
        "id": "19498290761",
        "type": "user"
    },
    "created_at": "2023-06-23T17:48:16Z",
    "lock_type": "freeze",
    "locked_operations": {
        "move": true,
        "delete": true
    }
}

Can you share the curl command you are using (minus any sensitive data, of course)

aaron
Author
New Participant
4 replies
Forum|Forum|2 years ago
June 23, 2023

Sure thing, I’m just running the curl from my terminal after copy/pasting the access token from my app.

curl -i -X POST "https://api.box.com/2.0/folder_locks" \
     -H "Authorization: Bearer <ACCESS_TOKEN>" \
     -H "Content-Type: application/json" \
     -d '{
       "folder": {
         "type": "folder",
         "id": "{{folder_id}}"
       },
       "locked_operations": {
         "move": true,
         "delete": true
       }
     }'

Pretty much exactly what the example docs show.

shurrey Box
Head of Developer Relations
47 replies
Forum|Forum|2 years ago
June 23, 2023

aaron:

curl -i -X POST "https://api.box.com/2.0/folder_locks" \
     -H "Authorization: Bearer <ACCESS_TOKEN>" \
     -H "Content-Type: application/json" \
     -d '{
       "folder": {
         "type": "folder",
         "id": "{{folder_id}}"
       },
       "locked_operations": {
         "move": true,
         "delete": true
       }
     }'

hmm… that worked for me, as well. And you are using curl to get a bearer token with OAuth 2 and then using that token for <ACCESS_TOKEN> above?

aaron
Author
New Participant
4 replies
Forum|Forum|2 years ago
June 23, 2023

Correct. I’m also on an enterprise box account. I’m not sure if that would effect it? I don’t have admin access but I didn’t see anything about needing it for folder locking, just folder ownership.

The access token has worked for pretty much every other API endpoint I’ve tried, except this one.

Update: I tried using the developer token instead, and the folder successfully locked. So it does seem like an issue with my Oauth access token.

shurrey Box
Head of Developer Relations
47 replies
Answer
Forum|Forum|2 years ago
June 23, 2023

hmmm, maybe a missing scope. What do the scopes look like in your app in the developer console?

aaron
Author
New Participant
4 replies
Forum|Forum|2 years ago
June 23, 2023

It was indeed missing a scope!

I had added write access earlier but didn’t re-sign in to authenticate. I was still using the same access token(s) from refreshing the token.

I deleted the access token and refresh token from my application and signed in again and the locking now works!

Thank you for your quick responses and assistance!

shurrey Box
Head of Developer Relations
47 replies
Forum|Forum|2 years ago
June 23, 2023

Great news! Happy coding, my friend!

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded