Skip to main content
  • EN

Box Platform

All things API and SDK related

615 Topics
M
MoshiurAhmed2024New Member
asked in API
JWT Service Account Stopped working

Hi -We have a JWT service account that was used more than 1 1/2 year and that stopped working.Auth token generates but can't connect to shared folder with our client. Getting follow error message.{"type":"error","status":404,"code":"not_found","context_info":{"errors":[{"reason":"invalid_parameter","name":"parent","message":"Invalid value 'd_XXXXXXXX'. 'parent' with value 'd_XXXXXXXX' not found"}]},"help_url":"http:\/\/developers.box.com\/docs\/#errors","message":"Not Found","request_id":"----"}Out client have shared the folder again with service account (AutomationUser_XXXXX_XXXXX@boxdevedition.com). But it seems service account needs to accept the shared folder invite. Not sure how to accept the invite.Would you be able to assist please?

160
M
4 months ago
D
DrewNew Participant
posted in API
What does a user in Enterprise A need to do to use a metadata template from Enterprise B?

I’d like to apply a metadata template from another enterprise (let’s call it Enterprise B) to files from my enterprise (Enterprise A). When I attempt to do so via the Box API, I receive 403 Forbidden. I’ve tried a number of variations, to get an idea of what responses I can expect: If Enterprise B doesn’t exist - 400 Bad Request, Invalid metadata scope. If Enterprise B does exist but the metadata template does not - 404 Not Found, Specified Metadata Template not found. If Enterprise B does exist and the metadata template does exist - 403 Forbidden. I suspect that the user making the call needs permissions that they don’t have, but it’s not clear to me what permissions that user needs - there don’t appear to be any permissions specific to metadata. What must I do to allow a user from Enterprise A to apply a metadata template from Enterprise B to files in Enterprise A?

1592
J
4 months ago
I
InfiTechNew Participant
asked in API
Exact Search

I am Searching For File Which Have Keyword “Disposition”  I am Getting the Files Which have Keyword “Disposition” But Getting files Which Have Keyword “Dispositive” Which is not appropriate or match the keyword .Check This For Reference..  

480
I
4 months ago
W
WeMakeCoolSoftwareNew Participant
asked in API
Are calls to dl.boxcloud.com chargeable? Do they count against the monthly API limit?

I know that calls to api.box.com count against an API limit of 50k to 100k calls. Do requests to `dl.boxcloud.com` count against that limit as well?  e.g., if I call `https://api.box.com/2.0/files/:file_id/content`, is that two chargeable requests counting the redirect, or one?

240
W
4 months ago
D
duggerronalddNew Participant
asked in API
"Source User is locked"

I’m an admin trying to transfer files from one user who has left our organization to her supervisor… however… I am getting an error "Source User is locked" with the API or “...is in another operation” when attempting to move files or change the folder owner in Box -- it’s been several days and it just never changes. I’ve tried several things and tried waiting for days -- but this is just a weird account that won’t budge.

200
D
4 months ago
A
AkihikoNew Participant
posted in API
Find managed user by email alias.

Hi,At this time, there appears to be no way to search for managed users by email alias.So if I want to find a user by email alias, I have to get all users and check each user's email alias one by one, which requires a lot of API calls.To reduce unnecessary API calls, could you provide an API endpoint to search for users by email alias?Akihiko

100
A
4 months ago
A
AkihikoNew Participant
asked in API
Moving folders between different owners

I'm seeing an error when moving folders between different owners.The request contents and response are as follows.It has been pointed out that a new owner should be specified, but how should I specify it?Request:PUT: https://api.box.com/2.0/folders/277094708559raw body:{    “parent”: {        “owned_by”:{“id”:“34690427263”},        “id”:“277094005474”    }} Response:{    “type”:“error”,    “status”:400,    “code”:“cannot_make_collaborated_subfolder_private”,    “help_url”:“http://developers.box.com/docs/#errors”,    “message”:“Cannot move a collaborated subfolder to a private folder unless the new owner is explicitly specified”,    “request_id”:“cajrjnhs2ugc7ixz”} 

300
A
4 months ago
A
askNew Participant
asked in Box Sign API
Inquiry Regarding Box API Functionality to Check Whether User Signed Document

Dear Box Support Team,I hope this message finds you well. We are currently in the process of integrating Box API functionalities into our application. While we have successfully accessed sign requests through the Box API, we have encountered specific requirement that we are seeking clarification on:Checking if a User Has Signed a Document: We need functionality in the Box API that allows us to determine whether a specific user has already signed a document. Unfortunately, We didn't find this functionality in the current Box API for sign requests. Are there alternative methods we could utilize?Thanks.

341
Hiro Box
4 months ago
C
CCDNew Member
asked in API
JWT format?

Hi,I am generating a token following the tutorial for JWTs (grant_type: "urn:ietf:params:oauth:grant-type:jwt-bearer"). The API does return an access token, and it does work, but it doesn't seem to have the structure of a JWT (3 sections separated by dots...).I am requesting it using a RSA key pair to sign the request.I wonder if the tokens are encoded in a particular way, encrypted, or it is just an access token and not really a JWT.Thanks!

353
G
4 months ago
terriburden Box
terriburden BoxNew Participant
asked in Box AI API
Interactions with Box AI recorded in the User Activity Report

What types of user interactions with Box AI are recorded in the User Activity Report, and how can Box Admins utilize this information?

201
J
4 months ago
V
vishalpchaudhariNew Participant
posted in API
Inquiry About Approval Status of Custom App Auth 2.0

Hello, I hope this email finds you well. I am writing to inquire about the status of my custom app Auth 2.0, which was submitted for approval on 27th June. It appears to still be under review. Could you kindly provide an update on when it is expected to be approved?

171
G
4 months ago
R
RnnyNew Participant
asked in API
Error uploading: "API upload contained multiple file parts"

I use Claris FileMaker to upload a file via https://upload.box.com/api/2.0/files/contentI use following cURL: "--location --header \"Content-Type: multipart/form-data\" --header \"Authorization: Bearer XXX\" --form \"attributes=@$JSON\" --form \"file=@$Fil\" -D $header"I get HTTP/1.1 400 Bad Request with this in return: {"code":"bad_request","help_url":"http://developers.box.com/docs/#errors","status":400,"message":”API upload contained multiple file parts","type":"error"}I dont see any info on “API upload contained multiple file parts” in the link, or on the web. Someone knows what it mean and how to solve it?  

320
R
5 months ago
G
gopal.thakurNew Participant
posted in SDKs and Tools
How to get box user id when i exchanging OKTA SSO token with box

I want to login box using okta SSO token I have box integrated with okta for SSO but then i use box SDK in node and try to login in box am unable to pass correct user id of box , i am using okta sub as my box user id but it thronging error user not valid

130
G
5 months ago
J
jbuck79New Participant
posted in SDKs and Tools
Next gen .Net SDK throws CryptographicException on most operations most of the time

I’m playing around with the next generation .Net SDK and at least half of my calls to upload a file or create a folder are throwing an exception about RSA parameters in a cryptography library. The full exception is like this: System.Security.Cryptography.CryptographicException: The specified RSA parameters are not valid. Exponent and Modulus are required. If D is present, it must have the same length as Modulus. If D is present, P, Q, DP, DQ, and InverseQ are required and must have half the length of Modulus, rounded up, otherwise they must be omitted. at System.Security.Cryptography.CngHelpers.ToBCryptBlob(RSAParameters& parameters) at System.Security.Cryptography.RSABCrypt.ImportParameters(RSAParameters parameters) at System.Security.Cryptography.RSA.Create(RSAParameters parameters) at Microsoft.IdentityModel.Tokens.AsymmetricAdapter.InitializeUsingRsaSecurityKey(RsaSecurityKey rsaSecurityKey, String algorithm) at Microsoft.IdentityModel.Tokens.AsymmetricAdapter..c

10810
M
5 months ago
U
user262New Participant
posted in SDKs and Tools
Socket hang up - oauth2 token

Hi, Some time we are getting “socket hang up” error (/oauth2/token) during call file upload and download method. This is not happening every time. But we stuck when it occurs. Could you please help us to resolve this issue. Thanks.

260
U
5 months ago
W
weiliesNew Participant
posted in SDKs and Tools
Limit folder share to external clients

We are a software house, currently we signed up box.net, and we would like to share out different folders based on client, e.g. my-box.net account + ClientA folder + ClientB folder and our client A, B are not box’s subscribers. Hence, is it possible for us to share any credentials (similar to SFTP) and allow client A, B to access their folders respectively and pull out their files?

310
W
5 months ago
N
nihal_veNew Participant
published in SDKs and Tools
BOX-CLI authentication with JWT raising Auth Error

I’m using a free personal BOX account, and I’m trying to connect to a JWT BOX app through a aws EC2 instance of Ubuntu. I’ve configured my JWT app, created the public and private key, and run “box:configure:environments:add [json path file]” on my server. I then tried to run “box users” to see if I’m connected with my app, but that resulted in the error: “Auth Error: Please check the ‘sub’ claim. The ‘sub’ specified is invalid. [400 Bad Request] invalid_grant - Please check the ‘sub’ claim. The ‘sub’ specified is invalid.” Does anyone know how to fix it? Thanks!

721
rbarbosa Box
5 months ago
B
boyoboy18New Participant
published in SDKs and Tools
Custom app - Authorization tab not available

I have created a custom app, create public/private key as well but not getting an option to submit app for authorization. There is no Authorization tab. In General Settings tab, it is showing Enterprise id as 0

690
rbarbosa Box
5 months ago
rbarbosa Box
rbarbosa BoxDeveloper Advocate
posted in SDKs and Tools
Free developer accounts - PLEASE READ

We want to make you aware of a recent effort by certain third-party bad actors to leverage free Box developer accounts in a social engineering attack on certain Box free individual accounts. Upon discovery of this issue, Box decided to temporarily disable new sign-ups for free developer accounts while we work to implement additional technical controls to prevent similar efforts in the future. The security and integrity of our Service is of utmost priority to Box, and we must ensure that we are providing the most secure product experience to our customers. We understand that some Enterprise customers use these free developer accounts for their own business purposes, and that they may have questions about their inability to sign-up new free accounts. Please use the following talking points when addressing these Customers’ questions or concerns: Any free developer accounts that were in place before March 9, 2023 are unaffected by this action; Customers may continue to use these pre-exist

11300
rbarbosa Box
5 months ago
rbarbosa Box
rbarbosa BoxDeveloper Advocate
posted in SDKs and Tools
Free developer accounts are BACK!

Hi, Last year we had to disable the creation of free developer accounts due to abuses from some bad actors. You can read about it here: Free developer accounts -Please READ I’m happy to inform that creation of free developer accounts is now back! To create a free developer account simple navigate to the developer signup. The main difference between the free developer account and a simple free account is that the developer version has access to the administrator console which will allow you to authorize JWT and CCG applications. Stuck with OAuth 2.0? Not anymore! Enjoy!

4080
rbarbosa Box
5 months ago
masayoshi_sawada
masayoshi_sawadaNew Participant
posted in API
Issue with Box UI Element Content Preview Timing Out

Hello Box Developer Community, I hope this message finds you well. I am currently experiencing an issue with the Box UI Element’s Content Preview feature in our application. We are using this feature to preview PDFs, but we have noticed that the preview becomes unavailable after approximately 10 to 15 minutes. We have confirmed that this issue also occurs in the official documentation, where the preview times out after the same duration. We are seeking a solution to prevent this from happening without requiring our users to clear their cache. Additionally, we have identified that URLs from the domain dl.boxcloud.com, which are provided by Box for downloading, expire after 15 minutes. We suspect this might be related to the issue we are experiencing with the content preview timing out. Could anyone confirm if this expiration is affecting the preview functionality and provide guidance on how to handle it? Here are a few considerations and questions we have: Session Expiration: It seems

330
rbarbosa Box
5 months ago
rbarbosa Box
rbarbosa BoxDeveloper Advocate
asked in SDKs and Tools
Box Postman Advanced Collection: Errors decrypting the private key

Hi folks, For those of you using the Box Postman advanced collection with JWT authentication, with a recently generated private key, you might be having error when the pre-request script tries to get a new access token. The error in question is a malformed PCKS. The reason behind this is that Box has updated the encryption method of the private key to something not supported by the JSRSASign v10.x. The good news is that the new version of JSRSASign (v11.x) does support it. While we fix the collection here is a quick fix: Download the JSRSASign from the CDN. Go to and select the Box Advanced collection Replace the content of the variable libJSRSASign with the content from the CDN link above. Remember to Save!!! Your all set. We’ll update the collection in Postman shortly.

980
rbarbosa Box
5 months ago
AndrewC
AndrewCParticipating Frequently
asked in API
Questions about 401 errors while applying Metadata Templates

Good morning, I have a long running process that starts by reading the directory contents of between 70k + 700k files, when running the process on a very small set of data, it works 100%, on my side of the process it then runs a series of ‘things’ on that data, then generates a metadata template and stamps it on the file. This works 100% until, what I think is, the token becoming stale/invalid/expired. I say this because if this process runs for like 4-6hrs, nothing. It works perfect, but around 24hr, when i stamp the template i get 401 errors. So the first thing i did (my program is in Rust) is re-build my auth before stamping the templates. Example Code: let client = Client::builder().build().unwrap(); let params = [ (“client_id”, “”), (“client_secret”, “”), (“grant_type”, “client_credentials”), (“box_subject_type”, “enterprise”), (“box_subject_id”, “534608”), ]; //Get client token let response = client .post(“https://api.box.com/oauth2/token”) .form(&params) .send() .await .un

1140
system
5 months ago
D
djones4New Participant
asked in SDKs and Tools
[Python] Updating user enterprise not working, permission error

We have a number of users outside of our domain that were inappropriately added as managed users. I want to roll them off the enterprise and convert them to external users, but when using box-sdk-gen and emit a client.users.update_user_by_id(xxxx, enterprise=None) nothing happens. It seems to execute successfully, but fetching that user again shows that the enterprise information is still present. If I try to execute with enterprise={'id':None} or enterprise='null' I get a 403 insufficient permissions error. I noticed that the type on the enterprise field is str so that’s why I tried the latter. { 'code': 'access_denied_insufficient_permissions', 'help_url': 'http://developers.box.com/docs/#errors', 'message': 'Access denied - insufficient permission', 'request_id': 'xxxxx', 'status': 403, 'type': 'error'} Raw body: {"type":"error","status":403,"code":"access_denied_insufficient_permissions","help_url":"http:\/\/developers.box.com\/docs\/#

550
system
5 months ago
B
box-secuvyNew Participant
posted in API
Skip notification for specific user activity

Hi Box Team I have a Box business account that has a monitoring system in place to track which files are being downloaded by each user. I would like to exclude a specific user (identified by their user ID or email address) from this monitoring system. Is there a manual process within the Box admin console to achieve this? Or is it possible to do this programmatically via the Box API? Please provide the steps for both the manual process and the API method, if available. I want to understand how to selectively skip monitoring for a single user while keeping it enabled for all other users. Let me know if you need any clarification on the question. I appreciate you taking the time to provide a detailed response on how to accomplish this in Box. Thanks

710
B
5 months ago

Badge winners

Show all badges

Didn't find what you were looking for?

Ask the Community
Terms & ConditionsCookie settings