API

I am Searching For File Which Have Keyword “Disposition”  I am Getting the Files Which have Keyword “Disposition” But Getting files Which Have Keyword “Dispositive” Which is not appropriate or match the keyword .Check This For Reference..  

I know that calls to api.box.com count against an API limit of 50k to 100k calls. Do requests to `dl.boxcloud.com` count against that limit as well?  e.g., if I call `https://api.box.com/2.0/files/:file_id/content`, is that two chargeable requests counting the redirect, or one?

Hi,At this time, there appears to be no way to search for managed users by email alias.So if I want to find a user by email alias, I have to get all users and check each user's email alias one by one, which requires a lot of API calls.To reduce unnecessary API calls, could you provide an API endpoint to search for users by email alias?Akihiko

I'm seeing an error when moving folders between different owners.The request contents and response are as follows.It has been pointed out that a new owner should be specified, but how should I specify it?Request:PUT: https://api.box.com/2.0/folders/277094708559raw body:{    “parent”: {        “owned_by”:{“id”:“34690427263”},        “id”:“277094005474”    }} Response:{    “type”:“error”,    “status”:400,    “code”:“cannot_make_collaborated_subfolder_private”,    “help_url”:“http://developers.box.com/docs/#errors”,    “message”:“Cannot move a collaborated subfolder to a private folder unless the new owner is explicitly specified”,    “request_id”:“cajrjnhs2ugc7ixz”} 

Hi,I am generating a token following the tutorial for JWTs (grant_type: "urn:ietf:params:oauth:grant-type:jwt-bearer"). The API does return an access token, and it does work, but it doesn't seem to have the structure of a JWT (3 sections separated by dots...).I am requesting it using a RSA key pair to sign the request.I wonder if the tokens are encoded in a particular way, encrypted, or it is just an access token and not really a JWT.Thanks!

Hello, I hope this email finds you well. I am writing to inquire about the status of my custom app Auth 2.0, which was submitted for approval on 27th June. It appears to still be under review. Could you kindly provide an update on when it is expected to be approved?

I use Claris FileMaker to upload a file via https://upload.box.com/api/2.0/files/contentI use following cURL: "--location --header \"Content-Type: multipart/form-data\" --header \"Authorization: Bearer XXX\" --form \"attributes=@$JSON\" --form \"file=@$Fil\" -D $header"I get HTTP/1.1 400 Bad Request with this in return: {"code":"bad_request","help_url":"http://developers.box.com/docs/#errors","status":400,"message":”API upload contained multiple file parts","type":"error"}I dont see any info on “API upload contained multiple file parts” in the link, or on the web. Someone knows what it mean and how to solve it?  

Hello Box Developer Community, I hope this message finds you well. I am currently experiencing an issue with the Box UI Element’s Content Preview feature in our application. We are using this feature to preview PDFs, but we have noticed that the preview becomes unavailable after approximately 10 to 15 minutes. We have confirmed that this issue also occurs in the official documentation, where the preview times out after the same duration. We are seeking a solution to prevent this from happening without requiring our users to clear their cache. Additionally, we have identified that URLs from the domain dl.boxcloud.com, which are provided by Box for downloading, expire after 15 minutes. We suspect this might be related to the issue we are experiencing with the content preview timing out. Could anyone confirm if this expiration is affecting the preview functionality and provide guidance on how to handle it? Here are a few considerations an

Good morning, I have a long running process that starts by reading the directory contents of between 70k + 700k files, when running the process on a very small set of data, it works 100%, on my side of the process it then runs a series of ‘things’ on that data, then generates a metadata template and stamps it on the file. This works 100% until, what I think is, the token becoming stale/invalid/expired. I say this because if this process runs for like 4-6hrs, nothing. It works perfect, but around 24hr, when i stamp the template i get 401 errors. So the first thing i did (my program is in Rust) is re-build my auth before stamping the templates. Example Code: let client = Client::builder().build().unwrap(); let params = [ (“client_id”, “”), (“client_secret”, “”), (“grant_type”, “client_credentials”), (“box_subject_type”, “enterprise”), (“box_subject_id”, “534608”), ]; //Get client token let response = client .post(“

Hi Box Team I have a Box business account that has a monitoring system in place to track which files are being downloaded by each user. I would like to exclude a specific user (identified by their user ID or email address) from this monitoring system. Is there a manual process within the Box admin console to achieve this? Or is it possible to do this programmatically via the Box API? Please provide the steps for both the manual process and the API method, if available. I want to understand how to selectively skip monitoring for a single user while keeping it enabled for all other users. Let me know if you need any clarification on the question. I appreciate you taking the time to provide a detailed response on how to accomplish this in Box. Thanks

Question about the Collaboration Limit Is the maximum number of collaborators that can be invited to a file 500 people? When trying to invite collaborators with 500 already present, the following response is returned: Unexpected API Response [403 Forbidden | xxxx ] access_denied_insufficient_permissions - Access denied - insufficient permission I have confirmed that more than 1000 people can be invited to a folder, but is there a limit on the number of collaborators that can be invited to a folder?

Hi, I am trying to use box-ui-elements in my custom built react app project but keep getting the same errors about box-ui-elements not being installed correctly. Any help would be appreciated.

Hello - I am working on a custom application that requires the use of annotations on files. I am consistently running into issues with annotations. Our application utilizes JWT for authentication. When attempting to downscope the access token with scopes needed for the UI elements + annotations, I consistently get “Insufficient permissions” for the downscoped token. Upon looking at the permissions for my file using the downscoped token, I notice that there are additional permissions that are not enabled despite following the scopes outlined in the documentation: Downscoped access token (scopes: base_preview item_download item_upload annotation_edit annotation_view_all base_sidebar item_comment item_preview) { "type": "file", "etag": "0", "permissions": { "can_download": true, "can_preview": true, "can_upload": true, "can_comment": true, "can_rename": false, "can_delete":

I have been using the same call for some days but since a couple of days we started getting 400 responses when using offset in a /search call. For example: {'type': 'error', 'status': 400, 'code': 'bad_request', 'context_info': {'errors': [{'reason': 'invalid_parameter', 'name': 'offset', 'message': "Invalid value '2'."}]}, 'help_url': 'http://developers.box.com/docs/#errors', 'message': 'Bad Request', 'request_id': 'gcvgk4hqlhels3di'} The original call was to the url https://api.box.com/2.0/search?limit=11&offset=2&content_types=name,description&ancestor_folder_ids=250469971042&type=folder&fields=name,description,path_collection&query=%2232%22 Are we composing the URL right? Thanks in advance!

i am using the boxnet integration with moodle as found on GitHub - moodlehq/moodle-repository_boxnet: Boxnet repository that was removed from standard package in Moodle 4.0 and finding some environments failing on the download (while others continue working). i am wondering if there are any tools to let me see what is happening from the box end of things? thx for any help.

Hi team! We submitted the app for approval around 2 weeks back but haven’t received any reply till now about our approval status. App details: Name: Cobalt Email: integrations@gocobalt.io User ID: 30678966382 Can you please expedite this as it’s an urgent requirement? Looking forward to a positive response.

We are actively builidng a Box Integration. Developed a custom-application to use Authentication as OAuth2.0. We have added multiple web-integrations and everything works as expected. When Any action is triggered from Box-Cloud using a Web-Integration – We use the authCode to generate the access-token with NodeSdk. – We perform the required task and Workflow is Completed without any issues. We are storing {access_token, refresh_token, ttl} in our backend database… The Problem is when we Try to refresh the Token: The Refresh Token is used for the first time. The Refresh Token is not expired (I tested within few minutes, after getting the refresh-token). I tried using the Authentication flo: Contructing AuthenticationUrl, Allow Access from BOX, Exchange Code for Token

Copy pasting this from another question that was never answered: When I attempt to perform a preflight check with a file with the same name in the same folder and run into a naming collision, I have code that accounts for the conflict error Box API Exception with code: “item_name_in_use”. I expect the JSON object to have an array of conflicts inside context_info as per the documentation https://developer.box.com/reference/resources/conflict-error/ However, sometimes conflicts is an object instead of an array, breaking my deserialization process. Example: When calling boxFolder.canUpload(filename, fileSize), I receive this error: { "type": "error", "status": 409, "code": "item_name_in_use", "context_info": { "conflicts": { "type": "file", "id": "1545199568548", "file_version": {

After a lot of simultaneous user delete and group_membership delete operations, some group_memberships are stuck. In admin console, it shows that there are users in the group, but not showing them inside, also users are already deleted. If checking via API, they are shown in group/GROUP_ID/memberships endpoint, but attempting to delete them via DELETE on /group_memberships endpoint causes this error: { “type”: “error”, “status”: 404, “code”: “not_found”, “context_info”: { “errors”: [ { “reason”: “invalid_parameter”, “name”: “group_tag_user”, “message”: “Invalid value ‘group_tag_user_36356814675’. ‘group_tag_user’ with value ‘group_tag_user_36356814675’ not found” } ] }, “help_url”: “http://developers.box.com/docs/#errors”, “message”: “Not Found”, “request_id”: “fdm4k5hpziqx9of5” }

For all intents and purposes, I’m using cURL commands to operate my application. Project: I have a large number of folders (1000+) in the root of my application. Each folder has a standard structure of sub-folders, and within each sub folder there can be a large number of individual files (1000+). Need: I have a database with associated records. Each record is given an identifier (UUID). I created a metdata template with one field called UUID. Goal is to add a metadata instance to related files and folders with associated UUID. When you pull up the record in the database, application will search all metadata for UUID, and return appropriate files. Problem: I have successfully done so with files. Added metadata instance, search for UUID, and found list of files (99% of the time it returns just one). I have NOT been able to do so with folders. I need to be able to search for a metadata instance on a “folder” and retrieve i

I am a bit confused about the application type and authentication method best suited for my use case. I want to build an application, which should be published into the box app centre. The application should add context menu items to the existing box cloud Users with the box cloud account are the expected users. They will select a file or folder and click the context menu option. Context menu item click - should invoke our API., with information about the selected file or folder. The application should have permission to download and upload files. The main concern is that I want a long-lived token. I don’t want to re-authenticate for every call of a user a short-lived token. If multiple Organizations installed the application, How do we differentiate the organization? Thanks, Sarin

I think the user will be directed to the URL below when authorizing the user using OAuth 2.0. https://account.box.com/api/oauth2/authorize?response_type=code&redirect_uri=xxxx&state=xxxx&client_id=xxxx When redirecting the user to the above URL, a problem occurs where a screen like the one below is displayed. https://account.box.com/login/mfa?redirectUrl=/api/oauth2/authorize?response_type=code&redirect_uri=xxxx&client_id=xxxx