Regarding Unable to upload files using access token generated using client credentials

Hi @user171 , welcome to the forum.

Client Credentials Grant (CCG) has the capability of using both a service account or a user account.

With the information you sent it seems you may be using the service account which might not have access to the folder.

When you create a developer token, they are always associated with the user who created them, so that would work.

When you request a new access token for the CCG app, check to see if your are requesting for a service account or your user. For example

curl --location 'https://api.box.com/oauth2/token' \

--header 'Content-Type: application/x-www-form-urlencoded' \



--data-urlencode 'grant_type=client_credentials' \

--data-urlencode 'client_id=<MY CLIENT ID>' \

--data-urlencode 'client_secret=<MY CLIENT SECRET>' \

--data-urlencode 'box_subject_type=enterprise' \

--data-urlencode 'box_subject_id=877840855'

Returns this:

{

    "access_token": "XeF...P9",

    "expires_in": 3884,

    "restricted_to": [],

    "token_type": "bearer"

}

Let’s check who is logged in:

curl --location 'https://api.box.com/2.0/users/me?fields=id%2Ctype%2Cname%2Clogin' \

--header 'Authorization: Bearer XeF...P9'

Results in:

{

    "type": "user",

    "id": "20706451735",

    "name": "CCG",

    "login": "AutomationUser_1803368_9rbDFPFJSf@boxdevedition.com"

}

Now let’s try the same but request a CCG access token for my user:

curl --location 'https://api.box.com/oauth2/token' \

--header 'Content-Type: application/x-www-form-urlencoded' \

--data-urlencode 'grant_type=client_credentials' \

--data-urlencode 'client_id=<MY CLIENT ID>' \

--data-urlencode 'client_secret=<MY SECRET>' \

--data-urlencode 'box_subject_type=user' \

--data-urlencode 'box_subject_id=18622116055'

Results in:

{

    "access_token": "B4...Ww",

    "expires_in": 4222,

    "restricted_to": [],

    "token_type": "bearer"

}

Checking the logged in user:

curl --location 'https://api.box.com/2.0/users/me?fields=id%2Ctype%2Cname%2Clogin' \

--header 'Authorization: Bearer B4...Ww' \

Results in:

{

    "type": "user",

    "id": "18622116055",

    "name": "Rui Barbosa",

    "login": "myemail@gmail.com"

}

Let us know if this worked. If not then we need to check your application configurations.

Also, whenever you change a CCG application configuration you must re-submit it for administrator approval. (I always forget this one. 😉 )

Cheers

Hi @rbarbosa ,

As per your provided code sample I have tried same approach using postman, but I am unable to fetch user details with generated token, below error is encountered:

{

    "type": "error",

    "status": 404,

    "code": "not_found",

    "context_info": {

        "errors": [

            {

                "reason": "invalid_parameter",

                "name": "user",

                "message": "Invalid value 'u_2'. 'user' with value 'u_2' not found"

            }

        ]

    },

    "help_url": "http://developers.box.com/docs/#errors",

    "message": "Not Found",

    "request_id": "yciiehhlxs1i8htg"

}

Please clarify do we need approval for user created apps from Admin?

Also, is there any way to use Box API without our Admin Approval?

I think I maybe misunderstanding the situation.

Let’s try to go step by step.

When you got to the developer console, can you paste a screenshot of the configurations?

Here is mine:

And I have all the scopes selected:

Also what do you get when you hit the https://api.box.com/2.0/users/me end point?

Cheers

Sure, Please find below configurations of mine:

App Access Level: App Access Level

Below is the response of https://api.box.com/2.0/users/me end point:

{

    "type": "error",

    "status": 404,

    "code": "not_found",

    "context_info": {

        "errors": [

            {

                "reason": "invalid_parameter",

                "name": "user",

                "message": "Invalid value 'u_2'. 'user' with value 'u_2' not found"

            }

        ]

    },

    "help_url": "http://developers.box.com/docs/#errors",

    "message": "Not Found",

    "request_id": "rkpaamhlz0022co0"

}

Thanks

Jahanvi

Hi Jahanvi,

Can you share the authentication method of your app so I can try to replicate your use case?

Mine is:

Hi @rbarbosa,

Please find attached screenshot for authentication method.

Thanks

Jahanvi

Hi Jahanvi,

Something is off and I can’t identify what…

I’ve created a CCG App access only, check everything and I am able to query the current logged in user.

curl --location 'https://api.box.com/2.0/users/me?fields=id%2Ctype%2Cname%2Clogin' \

--header 'Authorization: Bearer Rd...bi'

Resulting in:

{

    "type": "user",

    "id": "31499781476",

    "name": "CCG APP Level",

    "login": "AutomationUser_2199662_F1nQzjOmkM@boxdevedition.com"

}

So I suspect you haven’t authorized the app yet…

On the top level flip to the authorization tab:

And select review and submit.

Then goto the administrator console and approve the app: