Hi @morad , welcome to the forum.

In short you can’t.

Developer tokens expire in 60 minutes and must be manually re-generated in the developer console.

I understand that this is not very practical, but please consider using other forms of authentication, such as OAuth, CCG or JWT.

Best regards

I wrote a script to download the logs via jwt but the script stops working every 60 minutes after the script stops running the script works without generating


Can you help me why does it stop working every 60 minutes?

Hi @morad

So all access tokens expire every 60 minutes.


Your script should check if the access token is about to expire and get a new one.


In OAuth you use the refresh token to do that, and both in JWT and CCG you just request a new access token.

Typically for script usage, CCG is the easiest since it only requires the client id and client secret.

If you use one of our SDKs or Box CLI, the refresh is automatically taken care of.

Can you elaborate a bit more about your use case?

Cheers

Thanks for helping.


This my script.

import json


import time


import os


import requests


from boxsdk import JWTAuth, Client

Replace these with your actual Box API credentials


CLIENT_ID = ‘’


CLIENT_SECRET = ‘’


ENTERPRISE_ID = ‘’


JWT_KEY_ID = ‘’


RSA_PRIVATE_KEY_FILE_PATH = ‘/root/private_key.pem’


RSA_PRIVATE_KEY_PASSPHRASE = ‘’

Ensure the log directory exists


log_file_path = “/var/log/M-box.log”


os.makedirs(os.path.dirname(log_file_path), exist_ok=True)

Function to initialize Box client using JWT authentication

def initialize_box_client():


auth = JWTAuth(


client_id=CLIENT_ID,


client_secret=CLIENT_SECRET,


enterprise_id=ENTERPRISE_ID,


jwt_key_id=JWT_KEY_ID,

rsa_private_key_file_sys_path=RSA_PRIVATE_KEY_FILE_PATH,


rsa_private_key_passphrase=RSA_PRIVATE_KEY_PASSPHRASE,


)


access_token = auth.authenticate_instance()


client = Client(auth)


return client

Define the URL for the Box Events API

url = “https://api.box.com/2.0/events”

Parameters for the API request

params = {


“stream_type”: “admin_logs_streaming”,


“limit”: 100, # Adjust as needed, max is 500

Include other parameters as needed

}

Function to make the API request and return the events

def get_box_events(url, headers, params, log_file_path):


while True:


response = requests.get(url, headers=headers, params=params)


if response.status_code != 200: print(“Error:”, response.status_code, response.text)


break

data = response.json()


events = data ‘entries’]

Write events to log file

if events:


with open(log_file_path, ‘a’) as log_file:


for event in events:


log_file.write(json.dumps(event) + ‘\n’)

next_stream_position = data.get(‘next_stream_position’)


if not next_stream_position or next_stream_position == params.get(‘stream_position’):


break # Exit the loop if there are no more events to process

paramso‘stream_position’] = next_stream_position

Sleep for a short duration to avoid hitting the rate limit

time.sleep(40)

Initialize Box client

client = initialize_box_client()

Define the headers for the API request

headers = {


“Authorization”: f"Bearer {client.auth.access_token}"


}

Start getting events and logging

get_box_events(url, headers, params, log_file_path

קבל ‏Outlook עבור Android‏


Breach of confidentiality CONFIDENTIAL: This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. If you are not the intended recipient you are notified that disclosing, copying, distributing or taking any action in reliance on the contents of this information is strictly prohibited. Liability for the unintentional transmission of computer viruses WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. E-mail transmission cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors or omissions in the contents of this message, which arise as a result of e-mail transmission. Negligent misstatement Our company accepts no liability for the content of this email, or for the consequences of any actions taken on the basis of the information provided, unless that information is subsequently confirmed in writing. If you are not the intended recipient you are notified that disclosing, copying, distributing or taking any action in reliance on the contents of this information is strictly prohibited.