Regarding Unable to upload files using access token generated using client credentials

Hi @user171 , welcome to the forum.

Client Credentials Grant (CCG) has the capability of using both a service account or a user account.

With the information you sent it seems you may be using the service account which might not have access to the folder.

When you create a developer token, they are always associated with the user who created them, so that would work.

When you request a new access token for the CCG app, check to see if your are requesting for a service account or your user. For example

curl --location 'https://api.box.com/oauth2/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \

--data-urlencode 'grant_type=client_credentials' \
--data-urlencode 'client_id=<MY CLIENT ID>' \
--data-urlencode 'client_secret=<MY CLIENT SECRET>' \
--data-urlencode 'box_subject_type=enterprise' \
--data-urlencode 'box_subject_id=877840855'

Returns this:

{
    "access_token": "XeF...P9",
    "expires_in": 3884,
    "restricted_to": [],
    "token_type": "bearer"
}

Let’s check who is logged in:

curl --location 'https://api.box.com/2.0/users/me?fields=id%2Ctype%2Cname%2Clogin' \
--header 'Authorization: Bearer XeF...P9'

Results in:

{
    "type": "user",
    "id": "20706451735",
    "name": "CCG",
    "login": "AutomationUser_1803368_9rbDFPFJSf@boxdevedition.com"
}

Now let’s try the same but request a CCG access token for my user:

curl --location 'https://api.box.com/oauth2/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=client_credentials' \
--data-urlencode 'client_id=<MY CLIENT ID>' \
--data-urlencode 'client_secret=<MY SECRET>' \
--data-urlencode 'box_subject_type=user' \
--data-urlencode 'box_subject_id=18622116055'

Results in:

{
    "access_token": "B4...Ww",
    "expires_in": 4222,
    "restricted_to": [],
    "token_type": "bearer"
}

Checking the logged in user:

curl --location 'https://api.box.com/2.0/users/me?fields=id%2Ctype%2Cname%2Clogin' \
--header 'Authorization: Bearer B4...Ww' \

Results in:

{
    "type": "user",
    "id": "18622116055",
    "name": "Rui Barbosa",
    "login": "myemail@gmail.com"
}

Let us know if this worked. If not then we need to check your application configurations.

Also, whenever you change a CCG application configuration you must re-submit it for administrator approval. (I always forget this one. 😉 )

Cheers

Hi @rbarbosa ,
As per your provided code sample I have tried same approach using postman, but I am unable to fetch user details with generated token, below error is encountered:

{
    "type": "error",
    "status": 404,
    "code": "not_found",
    "context_info": {
        "errors": [
            {
                "reason": "invalid_parameter",
                "name": "user",
                "message": "Invalid value 'u_2'. 'user' with value 'u_2' not found"
            }
        ]
    },
    "help_url": "http://developers.box.com/docs/#errors",
    "message": "Not Found",
    "request_id": "yciiehhlxs1i8htg"
}

Please clarify do we need approval for user created apps from Admin?
Also, is there any way to use Box API without our Admin Approval?

I think I maybe misunderstanding the situation.

Let’s try to go step by step.

When you got to the developer console, can you paste a screenshot of the configurations?

Here is mine:

And I have all the scopes selected:

Also what do you get when you hit the https://api.box.com/2.0/users/me end point?

Cheers

Sure, Please find below configurations of mine:

App Access Level: App Access Level
Below is the response of https://api.box.com/2.0/users/me end point:

{
    "type": "error",
    "status": 404,
    "code": "not_found",
    "context_info": {
        "errors": [
            {
                "reason": "invalid_parameter",
                "name": "user",
                "message": "Invalid value 'u_2'. 'user' with value 'u_2' not found"
            }
        ]
    },
    "help_url": "http://developers.box.com/docs/#errors",
    "message": "Not Found",
    "request_id": "rkpaamhlz0022co0"
}

Thanks
Jahanvi

Hi Jahanvi,

Can you share the authentication method of your app so I can try to replicate your use case?

Mine is:

Hi @rbarbosa,
Please find attached screenshot for authentication method.

Thanks
Jahanvi

Hi Jahanvi,

Something is off and I can’t identify what…

I’ve created a CCG App access only, check everything and I am able to query the current logged in user.

curl --location 'https://api.box.com/2.0/users/me?fields=id%2Ctype%2Cname%2Clogin' \
--header 'Authorization: Bearer Rd...bi'

Resulting in:

{
    "type": "user",
    "id": "31499781476",
    "name": "CCG APP Level",
    "login": "AutomationUser_2199662_F1nQzjOmkM@boxdevedition.com"
}

So I suspect you haven’t authorized the app yet…

On the top level flip to the authorization tab:

And select review and submit.

Then goto the administrator console and approve the app: