Box Platform

前回の記事では、OAuth 2.0を使用したBox Node.jsの認証について説明しました。今回は、JWTを使用したもう1つの方法であるサーバー側の認証を見てみましょう。これは、Box APIで認証するための最も一般的な方法です。 This is a companion discussion topic for the original entry at https://medium.com/box-developer-blog/jwt%E3%82%92%E4%BD%BF%E7%94%A8%E3%81%97%E3%81%9Fbox-node-js-sdk%E3%81%AE%E8%AA%8D%E8%A8%BC-e3496d610f59?source=rss----a995c24848a3---4

Hello, I have a box application that runs somewhere in Kubernetes cluster. It needs to read a box file that belongs to a physical box user, The application onboarded with JWT authentication and box created a server account: AutomationUser@boxdevedition.com. I shared the file with this server account and it can see it when listing files. However when trying to get the file content or downloading the file I get 403 authorization error. The organization does not allow " App + Enterprise Access" configuration nor “Generate user token” access. seems strange that even when the file owner added the service user as a collaborator it still cannot read the content. Is there a way around this ?

Hi folks, We’ve created a Box UI Elements Workshop to help developers get started with these components. It is a hands on, self paced collection of exercises using a pure Javascript approach. We believe that this way the workshops are useful to a broader set of stacks, rather than limiting the examples to node, python or any specific client framework such as angular, react or vue. However do drop us a line with any type of feedback, and let us know in the comments if this idea of self paced workshops should be applied to other areas of the box platform. You can find the work shop at GitHub - box-community/box-workshop-UIElements-pure-js: Workshop on how to use the Box UI Elements in a pure HTML Javascript environment Above all, have fun!

Enterprise events provide an event stream that your application can subscribe, related to any user or content within an enterprise Box instance. This is a companion discussion topic for the original entry at https://medium.com/box-developer-blog/box-enterprise-events-api-python-5d912f379099?source=rss----a995c24848a3---4

Is there a way to find files which are tagged with custom metadata (not template version) using the Box UI?

Does Content Explorer include any mechanisms to stop the uploading of files that are infected with viruses? Is there any indication of an error in Content Explorer when attempting to preview a file that contains a virus? Is it possible for Content Explorer to hide/remove the download choice for a file containing a virus, despite the download permission granted by the downscoped token used in Content Explorer?

Hi there, Sorry for the very basic question, but I was wondering if somebody could guide me on how to generate a “Bearer Access Token” for usage with Box’s API? I’m trying to authorize the Preflight check before upload API call which requires a Bearer Access Token, but I can’t figure out where I can generate this token. I was reading through Box’s API documentation, but I couldn’t find definitive steps on how to do this. Thanks! 🙂 Scott

Box is a leading cloud content management platform that helps businesses of all sizes securely store, manage, and share their files. ImageTrust is a leading provider of redaction software that helps organizations protect sensitive information in their documents. ImageTrust is a Box partner. This is a companion discussion topic for the original entry at https://medium.com/box-developer-blog/box-integration-with-imagetrust-to-redact-pdfs-dd760d1db0e1?source=rss----a995c24848a3---4

Hi @matt.riley When I use the “metadata-query” and specify a folder Id(parent folder), does it show results for all files under that folder and other subfolders or only under the parent folder ? On the same note, I used the command on 1 folder that has 1 file and got the following error box metadata-query enterprise_287697.Testing --219563937307 Unexpected API Response [400 Bad Request | 037667ddf3edfef86c49bc5058f7841c1.037667ddf3edfef86c49bc5058f7841c1] too_many_instances - Too many instances, and no supporting index available

Hi there, We’re facing a weird issue for a few days now. When trying to add an existing (app) user to an existing group, the API throws an error: curl https://api.box.com/2.0/group_memberships \ -H "Content-Type: application/json" \ -H 'Authorization: Bearer <token>' \ -d '{"user":{"id":"aaa59478bbb"},"group":{"id":"yyy2197xxx"},"role":"admin"}' { "type": "error", "status": 404, "code": "not_found", "context_info": { "errors": [ { "reason": "invalid_parameter", "name": "group_tag", "message": "Invalid value 'g_yyy2197xxx'. 'group_tag' with value 'g_yyy2197xxx' not found" } ] }, "help_url": "http://developers.box.com/docs/#errors", "message": "Not Found", "request_id": "awo09uhgm4qzv4ww" } First I though this is a permission related issue, but this has been working just fine for years and nothing has been changed recently on our end. Interesti

Box and Bubble.io are linked to call mp4 in Box from Bubble using video tags. I can’t play mp4 files over 50Mbyte via Bubble.io, but I can play 45MByte. Is there a capacity limit or other setting?

I am creating a custom application and would like to integrate Box Sign as part of the application. At the moment, I have a box developer account with two users. I used one user to create the application (in the developer console), and another user will be used to test Box Sign API. I don’t have any issues creating folders or uploading files using the API, but whenever I try to access the Box Sign Endpoint (https://api.box.com/2.0/sign_requests), it returns a 404 “not found” error. This link [ https://developer.box.com/guides/box-sign/ ] explains that the Box Sign API is only available for the following account types: Business, Business Plus, Enterprise, Enterprise Suites, and Enterprise Plus. This might explain why I am getting the 404 error, as I do not have a paid box account, only a developer account. Can someone confirm if the developer account can access the Box Sign Endpoint? I thought the developer account would allow me to complete my development work without restriction befo

When a new file or folder is added to Box it can take “up to 10 minutes” for the new content to be returned by searching (either via the UI or Search API). Is there an API call that will show if the file/folder has been indexed yet?

この記事では、コンテンツの事前チェック、アップロード、更新や分割アップロードなどのBox API機能を活用しながら、Pythonを使用してBoxにファイルを再帰的にアップロードする方法について説明します。 This is a companion discussion topic for the original entry at https://medium.com/box-developer-blog/python%E3%82%92%E4%BD%BF%E7%94%A8%E3%81%97%E3%81%A6box%E3%81%AB%E3%83%95%E3%82%A9%E3%83%AB%E3%83%80%E3%82%92%E5%86%8D%E5%B8%B0%E7%9A%84%E3%81%AB%E3%82%A2%E3%83%83%E3%83%97%E3%83%AD%E3%83%BC%E3%83%89%E3%81%99%E3%82%8B%E6%96%B9%E6%B3%95-dc6a55ce500c?source=rss----a995c24848a3---4

The generate downscoped token is valid for almost one hour. Let’s say i want to invalidate token after 20 minutes(Logout usecase). I am getting the following error, The API returned an error code {“error”:“invalid_request”,“error_description”:“The client is invalid”} The following specified code is not working. box-java-sdk/doc/authentication.md at main · box/box-java-sdk · GitHub Is there any other way, we can achieve this functionality ?

The Box Platform publishes events that can subscribed by applications. These events relate to any actions performed by either normal or service users. This is a companion discussion topic for the original entry at https://medium.com/box-developer-blog/box-user-events-rest-api-python-3eb3d4d8d55?source=rss----a995c24848a3---4

I have a custom Box App that is set up App Token (Server Authentication). This type of config creates a service account and gives us an access token. I’ve had no problem using the Box API in the past with this token as long as the associated service account is given access to the appropriate folers. However, calls to the Box SIGN parts of the API return the following: { “type”: “error”, “code”: “insufficient_scope”, “status”: 403, “message”: “The request requires higher privileges than provided by the access token.”, “help_url”: “http://developers.box.com/docs/#errors”, “request_id”: “0aa1e51ed7348b0df97959af0e579f7e6” } Our admin has granted Box Sign access to this service account and I even re-authorized the app just in case. But I’m still getting this permission error. Are service accounts allowed to use Box Sign API? Keep in mind this uses a static APP TOKEN. It does not use OAuth

So I have been trying to authenticate the Box app with the Python SDK using JWT, but I am getting an error. “BoxOAuthException: Message: Please check the ‘sub’ claim. The ‘sub’ specified is invalid. Status: 400 URL: https://api.box.com/oauth2/token Method: POST” I have crossed checked the “enterprise_id” value which is specified in the config file (the box account which I am currently using is a personal one, so the enterprise in this case was showing as ‘0’). Also providing the python code which was written for this use-case: from boxsdk import JWTAuth, Client auth = JWTAuth.from_settings_file(‘/Users/pratyush/Downloads/0_pvp4byup_config.json’) client = Client(auth) service_account = client.user().get() print(f’Service User Account id is {service_account.id}')

I am using Laravel to query the Box Api endpoints. I am specifically getting an error on the Box File upload api. Here is the piece of code that I am using: Http::asForm() ->withToken($this->accessToken) ->post($this->uploadUrl, $attributes); Here is curl equivalent of the same: curl -H 'Content-Type: multipart/form-data' \ -H 'Authorization: Bearer {Token}' -d 'attributes%5Bname%5D=test.pdf&attributes%5Bparent%5D%5Bid%5D=12345&file=test.pdf' -X 'POST' 'https://upload.box.com/api/2.0/files/content' Please help.

Hello, I am working on a Python integration that requests Box API. My goal is as follows: to set up an automation that invites one or more individuals to collaborate on a file/folder. Once the invitation is accepted, an approval task is created on the file (or on each file within a folder) and assigned to the same person. However, how can I invite a user who does not have a Box account? The request to create a collaboration requires an object of type ‘User (Collaborations)’. Yet, I only have the email address and not a user ID. Thank you in advance for helping me through my issue. Antoine