I’m building a web application (React + Node.js) that integrates Box for document storage and collaboration using the Office Online editing feature. Here's a summary of our use case:

Use Case Overview:

• Users in our app upload various documents (e.g. .docx) for collaboration purposes

• When a document is uploaded:

  • It is saved to Box via the API

  • We store the file_id and metadata in our own database

• The user interface (our app) allows users to:

  • Preview documents (via embedded Box preview)

  • Edit documents (in Word Online)

Access Design:

• All Box operations are handled by a single Box service account

• End users do not have Box accounts

• When users click “Edit,” we want to redirect them directly to an Office Online editing session for the document

Key Question:

Is there any supported way to generate an editable Office Online link via the Box API that does not require the end user to log into Box?

If not, is there a workaround — such as using App Users, JWT auth, or pre-authenticated sessions — that would allow Office Online editing to occur in a seamless way, without exposing Box login or requiring users to have Box accounts?

We understand Box requires authentication for editing, but we’d like to confirm if any exceptions or patterns exist for fully abstracted document editing using Office Online while retaining Box for storage and file control.