API

Hi, I can query for various thumbnail representations of an uploaded image, but is there any endpoint/query that will return the original dimensions of the file? Thanks

I want to give users of my FlutterFlow mobile/web app full access to a dynamic folder path from within my app, without the user knowing they are in Box. This means a custom app using JWT authentication using key pairs and the config.json for authentication: https://developer.box.com/guides/authentication/jwt/without-sdk/ However, FlutterFlow does not have native support for SDKs, python, or any of the languages supported in the documentation. I was wondering if anyone else has any experience using Box.com integrations with Flutter/FlutterFlow apps and if so how they did it.

Hi there. I’m looking for a way to download a watermarked file using the API with a viewer user. I saw the platform docs mentioning that when using a Viewer user to download a watermarked file, you need to first open the file for preview and then the download becomes available. How can I do the same thing using the API instead of the UI?

Our app is currently under review. Even though it is in the review process, is it okay for our customers to use it? Are there any restrictions, such as a maximum number of connections?

Hi, We have issue where we want to get all the collaborators for file, however, we are not getting all the collaborators. If I call list folder collaboration Api, I am getting all the collaborators whoever have access to that file. If it is waterfall permission model, I should have all the collaborations from the file endpoint, if that file under the parent folder. So why I am not getting all the collaborators when I use list file collaboration API? ref: - List file collaborations - API Reference - Box Developer Documentation

Hello there I am developing an integration for a customer that uses BOX. I have created my own box account to develop and test the integration. Today i wanted to test it out on the customers enterprise. They could add and authorize the app easily via the client id. However the app service account needs to be added as a collaborator to the folder it needs to see. This is where we ran into trouble, as BOX refused to add the service account since it was from a different enterprise. Is it possible to add a serviceaccount from a different enterprise at all? I am going at this the wrong way or is there some trick that i have missed. Best regards Malte

Hi Team, I am facing issue while uploading file to folder, I am having collaborator access for uploading file to a folder. My colleague has added me as collaborator (Admin) in app. When using Developer Token of that app I am able to upload file on folder, but when generating Access Token and using it to upload it gives me below error: Error when uploading using Generated Access Token: { “type”: “error”, “status”: 404, “code”: “not_found”, “context_info”: { “errors”: [ { “reason”: “invalid_parameter”, “name”: “parent”, “message”: “Invalid value ‘d_244280116703’. ‘parent’ with value ‘d_244280116703’ not found” } ] }, “help_url”: “http://developers.box.com/docs/#errors”, “message”: “Not Found”, “request_id”: “6sq71ghlvfufpj1r” } I am generating token using client credentials and authentication for my app is OAuth 2.0 Can someone tell me what is issue or what i am missing in this implementation? Thanks

Hi, I am running this API call. ‘https://api.box.com/2.0/workflows?folder_id=FOLDER_ID’. When I run it, I am getting a 404 error. Here’s what I’ve done so far. I know it’s not an authentication issue because I can run ‘https://api.box.com/2.0/folders/FOLDER_ID/items’ just fine. I know it’s not an issue of there not being a workflow in the folder. I was able to successfully make this call yesterday. And I can SEE the workflows on the front end. I had our company box admin run this API call with his root account and got the same 404 error. What am I missing? Again, it’s super odd to me because I ran this just fine yesterday morning.

Hi I’m building a PHP app and I implemented the OAuth flow described in the documentation developer.box.com OAuth 2.0 without SDKs - Box Developer Documentation Explore the Box APIs and SDKs to use for app development, API documentation, developer support resources, and access the Box Developer Console however, after I successfully receive my refresh token, it only works for one request, the following request always fails Any reason why it won’t allow me to use the refresh token again in offline mode? Thanks

I want to to know if there is a webhook that can notify similar information that following: status.box.com Box Status Welcome to Box's home for real-time and historical data on system performance. because this status usually has too much delay. What do you think about, as a workaround, just use some general webhook, and finally if I didn’t receive a response it sounds like the service is unavailable?.

Hello, I’m using the cloudsync by synology for mirroring files. On 29/11/2023, I have noticed that one or two out of ten files are synced after 4 hours since the files was uploaded to the Box(Others was synced immediately). That problem persists for half a day. After some investigation, I have got to know that cloudsync uses the box event api and the event was delayed. I got the event data below by calling the api using curl command. The event data shows that recorded_at is about 4 hours later than created_at. { "type": "event", "event_id": "6a6e8892b56aa016e60dac75973e3c16ac06148f", "created_at": "2023-11-29T23:42:29-08:00", "recorded_at": "2023-11-30T03:43:23-08:00", "event_type": "ITEM_UPLOAD", "session_id": "v5wegwhkd6bo63sk", ... Now, I have the following questions below. How often does similar event delay occurs? How long is max expected event delay? Regards,

Hi all, I was wondering whether the Events API call has the same rate limits as described here. Due to its potential huge-size in enterprise environments, i wondered if it really falls under the 100K per month for an enterprise for example. If an enterprise with a lot of users has a SIEM tool and a few more integrated tools, this can be reached easily. Also - how the rate limiting of a client-credentials authenticated app is measured? is the app considered as a “user”? Another question i had, is whether i can filter out events based on their type (for example filter out login events etc). Thanks a lot.

Hi Team, I am working on an app integration to poll and parse Enterprise Event Stream API. I found the documentation for the list of events at the following link: https://developer.box.com/guides/events/enterprise-events/for-enterprise/#event-types 👍 Just wondering if there is documentation that explains the JSON response document for each event as it seems to vary a little based on event - example: CONTENT_ACCESS/LOCK/UNLOCK/EDIT has additional_details field. Thanks Andy

Hello all, I am using the download file API with a downscoped token to allow the user to download files directly from their browser as part of an application where box is hidden from the user (https://developer.box.com/guides/downloads/in-browser/). This works fine, except that the response includes a Content-Disposition header with the value set to “attachment;filename=…”. Ideally, I would want a response with Content-Disposition set to “inline;filename=…” so that the default behavior for browsers would be to preview the file rather than downloading it. So my questions: Is there a way to force box to return an inline disposition? If not, is there another endpoint/workaround I can use to achieve this (without recreating a preview system myself)?

I am trying to post comments on files in box using rest api callouts.It is asking for auth token.I have already authorized the app in box.I am not sure how it will work.if anybody has a working example in postman etc.

Hello everyone. I created a custom app in september 2019 and I have been using it since them to automate some of my monthly tasks. It is able to upload and retrieve files data as I need, but not to list neither delete due a low regularity of usage of these functions, mainly because I’ve used to manage and delete old files using web Content Manager. Unfortunately I am not able to do it anymore. If I understood it well, now the feature is restrict to plans upper to Business Plus. I got the point to restrict users management, but wouldn’t it be bad for Custom Apps that haven’t a full self-management (CRUD) files feature? We must consider that some apps does not even have an UI, some finished and delivered apps to final users could not implement a full management, and even there is a needing to write more code and spend time to fix a issue that can’t be solved due a policy plan change Thanks.

Hi Team, What will be endpoint of API if subdomain enabled. Example - Default URL - https://api.box.com/2.0/events If enabled subdomain can we use API with default URL or do we need to use subdomain?

Regarding the plan mentioned in the https://www.box.com/pricing/business, we have below queries. Will the “\events” API availability change as the plan changes ? List Of Event type will change as per the Plan ? Will Enterprise events type include user events type ? What minimum paid account required to access the Enterprise event via “\events” API?

Getting below error in /users API Request - curl -i -X GET “https://api.box.com/2.0/users” \ -H “authorization: Bearer <ACCESS_TOKEN>” Response - { “type”: “error”, “status”: 403, “code”: “access_denied_insufficient_permissions”, “help_url”: “http://developers.box.com/docs/#errors”, “message”: “Access denied - insufficient permission”, “request_id”: “qcyqnkhl1oprc6uk” } What permission or paid account needed to access above API ?

Some of our users are getting flagged for going over their allotted API calls per month. We’re aware that this is part of the user’s Box’s billing plan. This is a pretty inconvenient limit. Our use case requires us to do full periodic syncs, where each sync making: ~2 API calls per folder, 1 to retrieve its children and 1 to retrieve its collaborations ~1 API call per file to retrieve its collaborations We do use webhooks to reduce how often we make these calls, but it still doesn’t guarantee control as a developer, especially if a user has thousands of files. To remediate: Are there any API calls that can pull the latest changes to folders & files, instead of us needing to do full periodic syncs? Or is there any other recommended practice so that we can reduce the # of API calls we need to make. Is there a programmatic way to access the user’s monthly limit? Does this limit apply to an individual user or the entire account of users? Any plans to remove this limit?

I tried to create an access token using the following details { grant_type: ‘client_credentials’, client_id: “2yuh6hjmzagiw5hr8tqhxvcqkcgyiw4c”, client_secret: “my client secret”, box_subject_type: ‘user’, // box_subject_id: ‘my user id’, // }; I am getting following error even after providing the correct credentials: data: { error: ‘invalid_grant’, error_description: ‘Grant credentials are invalid’ } my app setup is : 1.server authentication (Client credential) 2. app access only please let me know how to resolve it

We are trying to access the file name using the box api. To do that we are using OAuth authentication. But we authorization is pending and we reached out to Admin contact still waiting for the reply. Can someone pls suggest best way to integrate box with our application to read the file name which is in Box. Please do the needful Thanks in Advance.

I have a question about the conditions under which the following error occurs when using the zip archive download API. developer.box.com Download zip archive - API Reference - Box Developer Documentation Explore the Box APIs and SDKs to use for app development, API documentation, developer support resources, and access the Box Developer Console The error in question is ‘enterprise_too_many_concurrent_downloads’. Is the following understanding correct? For example, if 11 users, each belonging to different companies, use the same custom app at the same time and perform zip downloads, enterprise_too_many_concurrent_downloads will not occur (assuming parallel downloads are not performed in each company). I would like to see if the enterprise_too_many_concurrent_downloads error is related to the number of parallel downloads for my company rather than the total number of parallel downloads for my custom app’s users.

Hi teams, We are facing an issue with the search API of Box. For example, if I have files named ‘image-1’, ‘image-2’, and ‘image-3’ in Box, and my search term is ‘image,’ I noticed that the ordering of results is not consistent. The order of results varies each time I invoke the API. This inconsistency affects the API results, especially when we use pagination. For instance, if I query to get the first 20 results and then use the ‘offset’ value to retrieve the next page of results, I observe that there are repeated results from the previous API call. Please consider this issue and provide us with a resolution. Thank you