Skip to main content

Hi,

We are trying to add a custom UI using the Box Content Explorer javascript library from the UI Elements SDK. The Box Content Explorer requires an auth token to authenticate. This must be the Salesforce user rather than a service account in our case so security and access is respected.

There does not appear to be a method to retrieve a user's auth token from the Salesforce toolkit. Looking outside the toolkit to the Salesforce SDK, there isn't an implementation of the OAuth user flow (this must be implemented by the application) and my understanding is that this would be an additional log in to the Box for Salesforce login.

I'm currently looking into using the toolkit to query a Box managed user's Id using the username from Salesforce and then getting a user token through a Client Credentials custom app. 

What is the best way to seamlessly integrate the Box for Salesforce toolkit with the Box UI Elements SDK so that there is a single authentication process?

 

Thanks

As far as I know, as of now there’s no way to directly retrieve a raw access token of the current user from the Apex Salesforce Toolkit methods (although this would be highly desirable). The workaround we have used was the following:

  • Create a Box Service account with the Client Credentials Grant method that has access to make calls with the as-user header
  • In your Apex Controller, complete the Client Credentials Grant Server authentication flow to retrieve your “base” token using the Enterprise ID as the subject type
  • Retrieve your desired Box User’s ID via API (api.box.com/2.0/users)
  • Call the Client Credentials Flow again but this time using the Box User ID instead of the Enterprise ID as the box_subject_type
  • Downscope your access token as required and pass into your custom UI elements

You can check out Kyle Adams’ reference implementation on GitHub for a great sample of how you can put together this type of solution.

 

Hope this helps!


Reply