API

I’m trying to check with an API how many times a file has been accessed. Since there is no API to obtain the insight information provided on the web screen, I think that the FILE (Full) objects shared_link.download_count and shared_link.preview_count are appropriate alternatives. However, these values always remain 0 whether I preview or download the file. When are download_count and preview_count updated?

The Users & Groups section of box admin shows that I have a managed user that is using 95% of the storage of my account. I am unable to see that content in the Content section of box admin because I don’t see a Content Browser tab (in both Firefox and Microsoft Edge). I have tried deleting the user and transferring their content to me, but when I click the Continue button it shows a busy animation and never goes to the next screen. When I login to box admin later, no additional content has shown up in my account, and the user I tried to delete is still there and is still using 95% of the storage. The problematic user was originally the account admin, but has an email address from a domain that box doesn’t allow, so a couple years ago I created a new user (the user I’m logged is as now) and made it the admin. I had to file ticket #2455825 to get the account reactivated. The problematic user is now shown as Co-Admin and listed as Active, but I am unable to login using that email

I’m using the /recent_items to identify the following: item_modify, where a user has modified a file in Box item_preview, where a user has viewed a preview of a file item_upload, where a user has uploaded a file item_comment, where a user has added a comment to a file I have created a folder & file, created a folder & uploaded a file, and added comments to the file in my box account. However, the response only lists files interacted with interaction_type = “item_preview”? I was expecting the API to return the interaction_type = “item_uploaded” when the file was uploaded; and return the interaction_type = “item_comment” when a comment was added the file? Any help is greatly appreciated. Thx

Is there a way to eliminate the grant access page if a user is already given access to the app? Or is there any other type of custom app I can use for this purpose? My requirement is just to verify that the visitor is an actual box user or not. Once the user grants we store the tokens and refreshs the token before the expiry of the refresh token. A similar way where users can log in with Google. And access grant is asked only first time.

I have a question regarding rate limiting for license-based APIs. developer.box.com Rate Limits - Box Developer Documentation Explore the Box APIs and SDKs to use for app development, API documentation, developer support resources, and access the Box Developer Console If the rate limits for license-based APIs are exceeded, will an error occur? I would like to know the specific behavior when these limits are exceeded. In a previous response, it was mentioned that there would be no error, but a notification for a plan upgrade. I would like more details on what happens when the limits are exceeded. Box Support API calls per month limitation of Business Plans When an application reaches the API calls per user (or per second), the response will be  "429 Too Many Requests" with Retry-After seconds in HTTP headerhttps://developer.box.com/guides/api-calls/p...

I have a question regarding rate limiting for license-based APIs. developer.box.com Rate Limits - Box Developer Documentation Explore the Box APIs and SDKs to use for app development, API documentation, developer support resources, and access the Box Developer Console I understand that the rate limits for license-based APIs are based on the entire organization’s usage, not on a per-user basis. For example, if there are 6 users on a Business plan, and each user makes 10,000 API calls, the total would exceed the 50,000 rate limit. Is this correct?

What is the most efficient method to stop users deleting folders? It seems there is no direct permission which can be applied for this. Folder Locking available via API seems to be a possibility.

I’m utilising the Box Sign Events API to construct my workflows. The API provides capacity to monitor the sign document when it is converted to a .pdf file, using the SIGN_DOCUMENT_CONVERTED event. However, this event does not seem to trigger - I’ve tried using different sign document file formats. They all get successfully converted to a PDF for signing, but the CONVERTED event never seems to show up in the enterprise events stream (admin_logs_streaming). Similarly, I’m also not able to trigger the SIGNER_DOWNLOADED event - the documentation states that: “A SIGNER_DOWNLOADED event_type is produced when a signer downloads the signing document.”, but when I test this out, I only receive an additional SIGN_DOCUMENT_VIEWED_BY_SIGNER event (note that this isn’t the event upon opening the sign document email, but an additional one when I click the download button in the Box sign UI). Is this an intentional behaviour? If so, how do we trigger the SIGNER_DOWNLOADED event? Could someone please

Hi, I’m trying to figure out why our app integration no longer opens successfully, it shows “403 forbidden” when opening the app via Box (in a new tab). From our logs it looks like it stopped working August 22th (the oath endpoint haven’t been called since then). Have something changed in how Box calls the authentication endpoint? Its this network call https://app.box.com/index.php?rm=box_openbox_post_form&url=[...] that returns a 403. See screenshot: When i call the url specified in the query parameter above manually with a POST it returns a redirect which can open the app successfully so I suspect something might have changed on Box end. Any ideas or suggestions would be appreciated. Thanks

Hi, I’m part of an IT company and one of our clients has been using Box since before we started managing them. We’ve been trying to handle an issue with the permissions and so far, we haven’t been able to find a good solution. Box support was not helpful, and I spent some time learning the CLI, but I’m still struggling to figure anything out. Anyways, here is the problem: The file structure that they have set up does not work with the way Box handles permissions. The situation is they have a folder titled “Human Resources”. In this folder there is an “Employees” folder and each employee of the company has their own subfolder. Within each employee’s folder, there are two subfolders. One of these subfolders is called “Confidential” and should only be accessed by HR. The other subfolder is “Personnel” and should be accessed by HR and Accounting. Since Box forces their waterfall/inheritance permissions model, we are not able to make this work. If we give read access for Accounting to the “

What is the best way to use the Box API to get all shared links created by a specific user?

Hello. I would like to update the tracking code in PowerShell, but when I run the following code, I get a 400 error. $token = "<access token>" $uri = 'https://api.box.com/2.0/users/<user id>' $headers = @{"Authorization" = "Bearer " + $token} $body = [System.Text.Encoding]::UTF8.GetBytes("tracking_codes": [ { "type": "tracking_code", "name":"<tracking code name>",value":"<tracking code value> "}]) Invoke-RestMethod -Method Put -Uri $uri -Headers $headers -Body $body -ContentType 'application/json' ▼Error content + Invoke-RestMethod -Method Put -Uri $uri -Headers $headers -Body $body ... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-RestMethod], WebException + FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeRestMethodCommand Could you please let me know if there is any part of the code that is wrong?

Our Use Case: We are a SaaS vendor with security concious enterprise customers. We recommend that our customers connect their cloud storage provider (e.g., Google Drive) so that we can import configuration files and export report files. We would like to add Box to our list of supported cloud storage providers. We would be implementing a Box custom app. Our current recommendation to our customers for other cloud storage providers: Create a cloud storage user account specifically for our app, with access only to folders intended for import/export. From within our application, the organization admin enables the integration to their cloud storage provider (we have a plugin/app concept). On integration enablement, we start an OAuth2 flow; the customer enters the user described above, and we obtain the temporary code (i.e., ?code=… on the redirect). We immediately send the temporary code to our server. The server exchanges the temporary code for a refresh token (i.e., this is to avoid the c

Hi! We have gotten a report of an “access_denied_insufficient_permissions” error when our connector is trying to fetch users via the “https://api.box.com/2.0/users” endpoint. The authentication works as expected. These are the permissions setup in the app: Manage users Manage enterprise properties They are reporting that they are using Box for education. As far as I can tell Box for education is either Enterprise or Enterprise Plus at a discounted price, and not a separate product. Or are there any API limitations for education plan customers and this is expected behavior?

I see that box allows me to upload a folder containing multiple files. Is there any way to do that all the files in the folder have been uploaded, I am looking at webhook but could not utilize this event because FOLDER.CREATED is issued before all the files have been uploaded.

Hello! I am trying to use the API to add a security classification to a folder and then create a metadata cascade policy so that the classification cascades to anything added to that folder. I can add the classification successfully through the API, but I cannot create the metadata cascade policy. In Postman, my request body to create the metadata cascade policy looks like this: { "folder_id": "12345678901", "scope": "enterprise_XXXXXX", "templateKey": "securityClassification-6VMVochwUWo" } But this returns a 404 error. Is there something wrong with my request? Or am I missing a step somewhere else? I’m able to do this successfully through the Box CLI, but not by making API calls through my integration app (which uses OAuth 2.0 w/ Client Credentials Grant (Server Authentication)).

I created personal Box account and am attempting to request a token using the client ID and secret. I am getting the following error. {“error”:“invalid_grant”,“error_description”:“Grant credentials are invalid”} Here are my application settings and requests: App access level : App + Enterprise access Authentication method: Server Authentication (Client Credentials Grant) curl -X POST https://api.box.com/oauth2/token -d “grant_type=client_credentials” -d “client_id=redacted” -d “client_secret=redacted” -d “box_subject_type=user” -d “box_subject_id=redacted” I am providing the user_id of my Box account as the box_subject_id.

I am trying to call the Box api with c# and search for documents and get their metadata. I am able to see the metadata when I pass “metadata.enterprise.{metadata_template_key}” in a string array into the fields for the Search Manager. How am I able to extract that data? I do not see a way to get it from the BoxItem type. I know I can make a second call to get the metadata directly but I would have to make this call on all the documents the search api returned. I would like to prevent making so many calls if possible.

Hi, While fetching files from user of my organization. I am unable to fetch shared documents which is shared by user which is not in my organization. So, is it expected behavior. Also, in total count it displayed count with shared files but in entries it did not return the shared files.

I regularly access files over FTP. This has not been a problem until recently. But at the moment, although FTP login is still successful, I receive a “Error on input file” error when attempting to get any file. Please help me resolve this.

Hey, I’m new to using box and I’m trying to explore the SDK/APIs. I want to generate a pre signed url (like in S3) to allow the user to upload files directly through my UI without having them interact with box. Also, is there a way to test the paid features like get a direct download link using my free dev account?

Hi all, I’m using the boxsdk python lib to search for files, and then retrieve the file’s content as a string. Something like: search_results = box.search().query(<my_params>) for file in search_results: content = file.content() Problem is after this point, the Download API returns binary data that I can’t seem to decode, I’ve tried different encoding formats using python’s in-built decode, utf-8, ascii, iso, etc. Is there some way of properly decoding the binary data into string text? Of course, I’m aware this won’t work for most file types, but would at least like to get .doc, .docx, .txt files as a starting point. I also don’t need to store the content into a file locally, just need to output the file contents. Thank you!