Hi @user171 , welcome to the forum.
Client Credentials Grant (CCG) has the capability of using both a service account or a user account.
With the information you sent it seems you may be using the service account which might not have access to the folder.
When you create a developer token, they are always associated with the user who created them, so that would work.
When you request a new access token for the CCG app, check to see if your are requesting for a service account or your user. For example
curl --location 'https://api.box.com/oauth2/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=client_credentials' \
--data-urlencode 'client_id=<MY CLIENT ID>' \
--data-urlencode 'client_secret=<MY CLIENT SECRET>' \
--data-urlencode 'box_subject_type=enterprise' \
--data-urlencode 'box_subject_id=877840855'
Returns this:
{
"access_token": "XeF...P9",
"expires_in": 3884,
"restricted_to": [],
"token_type": "bearer"
}
Let’s check who is logged in:
curl --location 'https://api.box.com/2.0/users/me?fields=id%2Ctype%2Cname%2Clogin' \
--header 'Authorization: Bearer XeF...P9'
Results in:
{
"type": "user",
"id": "20706451735",
"name": "CCG",
"login": "AutomationUser_1803368_9rbDFPFJSf@boxdevedition.com"
}
Now let’s try the same but request a CCG access token for my user:
curl --location 'https://api.box.com/oauth2/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=client_credentials' \
--data-urlencode 'client_id=<MY CLIENT ID>' \
--data-urlencode 'client_secret=<MY SECRET>' \
--data-urlencode 'box_subject_type=user' \
--data-urlencode 'box_subject_id=18622116055'
Results in:
{
"access_token": "B4...Ww",
"expires_in": 4222,
"restricted_to": o],
"token_type": "bearer"
}
Checking the logged in user:
curl --location 'https://api.box.com/2.0/users/me?fields=id%2Ctype%2Cname%2Clogin' \
--header 'Authorization: Bearer B4...Ww' \
Results in:
{
"type": "user",
"id": "18622116055",
"name": "Rui Barbosa",
"login": "myemail@gmail.com"
}
Let us know if this worked. If not then we need to check your application configurations.
Also, whenever you change a CCG application configuration you must re-submit it for administrator approval. (I always forget this one. 😉 )
Cheers
Hi @rbarbosa ,
As per your provided code sample I have tried same approach using postman, but I am unable to fetch user details with generated token, below error is encountered:
{
"type": "error",
"status": 404,
"code": "not_found",
"context_info": {
"errors": [
{
"reason": "invalid_parameter",
"name": "user",
"message": "Invalid value 'u_2'. 'user' with value 'u_2' not found"
}
]
},
"help_url": "http://developers.box.com/docs/#errors",
"message": "Not Found",
"request_id": "yciiehhlxs1i8htg"
}
Please clarify do we need approval for user created apps from Admin?
Also, is there any way to use Box API without our Admin Approval?
I think I maybe misunderstanding the situation.
Let’s try to go step by step.
When you got to the developer console, can you paste a screenshot of the configurations?
Here is mine:
And I have all the scopes selected:
Also what do you get when you hit the https://api.box.com/2.0/users/me
end point?
Cheers
Sure, Please find below configurations of mine:
App Access Level: App Access Level
Below is the response of https://api.box.com/2.0/users/me
end point:
{
"type": "error",
"status": 404,
"code": "not_found",
"context_info": {
"errors": [
{
"reason": "invalid_parameter",
"name": "user",
"message": "Invalid value 'u_2'. 'user' with value 'u_2' not found"
}
]
},
"help_url": "http://developers.box.com/docs/#errors",
"message": "Not Found",
"request_id": "rkpaamhlz0022co0"
}
Thanks
Jahanvi
Hi Jahanvi,
Can you share the authentication method of your app so I can try to replicate your use case?
Mine is:
Hi @rbarbosa,
Please find attached screenshot for authentication method.
Thanks
Jahanvi
Hi Jahanvi,
Something is off and I can’t identify what…
I’ve created a CCG App access only, check everything and I am able to query the current logged in user.
curl --location 'https://api.box.com/2.0/users/me?fields=id%2Ctype%2Cname%2Clogin' \
--header 'Authorization: Bearer Rd...bi'
Resulting in:
{
"type": "user",
"id": "31499781476",
"name": "CCG APP Level",
"login": "AutomationUser_2199662_F1nQzjOmkM@boxdevedition.com"
}
So I suspect you haven’t authorized the app yet…
On the top level flip to the authorization tab:
And select review and submit.
Then goto the administrator console and approve the app: