Skip to main content

Developer Token


  • New Participant
  • 2 replies

hi how can i do

Not to expire this Developer Token? . is valid for 60 minutes

4 replies

rbarbosa Box
  • Developer Advocate
  • 553 replies
  • February 8, 2024

Hi @morad , welcome to the forum.


In short you can’t.


Developer tokens expire in 60 minutes and must be manually re-generated in the developer console.


I understand that this is not very practical, but please consider using other forms of authentication, such as OAuth, CCG or JWT.


Best regards


  • Author
  • New Participant
  • 2 replies
  • February 8, 2024

I wrote a script to download the logs via jwt but the script stops working every 60 minutes after the script stops running the script works without generating

Can you help me why does it stop working every 60 minutes?


rbarbosa Box
  • Developer Advocate
  • 553 replies
  • February 8, 2024

Hi @morad


So all access tokens expire every 60 minutes.

Your script should check if the access token is about to expire and get a new one.

In OAuth you use the refresh token to do that, and both in JWT and CCG you just request a new access token.


Typically for script usage, CCG is the easiest since it only requires the client id and client secret.


If you use one of our SDKs or Box CLI, the refresh is automatically taken care of.


Can you elaborate a bit more about your use case?


Cheers


  • Author
  • New Participant
  • 2 replies
  • February 8, 2024

Thanks for helping.

This my script.


import json

import time

import os

import requests

from boxsdk import JWTAuth, Client


Replace these with your actual Box API credentials

CLIENT_ID = ‘’

CLIENT_SECRET = ‘’

ENTERPRISE_ID = ‘’

JWT_KEY_ID = ‘’

RSA_PRIVATE_KEY_FILE_PATH = ‘/root/private_key.pem’

RSA_PRIVATE_KEY_PASSPHRASE = ‘’


Ensure the log directory exists

log_file_path = “/var/log/M-box.log”

os.makedirs(os.path.dirname(log_file_path), exist_ok=True)


Function to initialize Box client using JWT authentication


def initialize_box_client():

auth = JWTAuth(

client_id=CLIENT_ID,

client_secret=CLIENT_SECRET,

enterprise_id=ENTERPRISE_ID,

jwt_key_id=JWT_KEY_ID,


rsa_private_key_file_sys_path=RSA_PRIVATE_KEY_FILE_PATH,

rsa_private_key_passphrase=RSA_PRIVATE_KEY_PASSPHRASE,

)

access_token = auth.authenticate_instance()

client = Client(auth)

return client


Define the URL for the Box Events API


url = “https://api.box.com/2.0/events


Parameters for the API request


params = {

“stream_type”: “admin_logs_streaming”,

“limit”: 100, # Adjust as needed, max is 500


Include other parameters as needed


}


Function to make the API request and return the events


def get_box_events(url, headers, params, log_file_path):

while True:

response = requests.get(url, headers=headers, params=params)

if response.status_code != 200: print(“Error:”, response.status_code, response.text)

break


data = response.json()

events = data[‘entries’]


Write events to log file


if events:

with open(log_file_path, ‘a’) as log_file:

for event in events:

log_file.write(json.dumps(event) + ‘\n’)


next_stream_position = data.get(‘next_stream_position’)

if not next_stream_position or next_stream_position == params.get(‘stream_position’):

break # Exit the loop if there are no more events to process


params[‘stream_position’] = next_stream_position


Sleep for a short duration to avoid hitting the rate limit


time.sleep(40)


Initialize Box client


client = initialize_box_client()


Define the headers for the API request


headers = {

“Authorization”: f"Bearer {client.auth.access_token}"

}


Start getting events and logging


get_box_events(url, headers, params, log_file_path


קבל ‏Outlook עבור Android‏

Breach of confidentiality CONFIDENTIAL: This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. If you are not the intended recipient you are notified that disclosing, copying, distributing or taking any action in reliance on the contents of this information is strictly prohibited. Liability for the unintentional transmission of computer viruses WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. E-mail transmission cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors or omissions in the contents of this message, which arise as a result of e-mail transmission. Negligent misstatement Our company accepts no liability for the content of this email, or for the consequences of any actions taken on the basis of the information provided, unless that information is subsequently confirmed in writing. If you are not the intended recipient you are notified that disclosing, copying, distributing or taking any action in reliance on the contents of this information is strictly prohibited.



Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

 
Cookie settings