Hi @nobuhiro_yane
If I’m understanding correctly yes for sure.
Box has the concept of the as-user header, where a service account can impersonate any user as long as it is configured to do so from a security perspective.
So here is a python example (assuming a JWT app):
from boxsdk import JWTAuth, Client
def main():
auth = JWTAuth.from_settings_file(".jwt.config.json")
client = Client(auth)
user = client.user().get()
print(f"Hello, {user.name}! ({user.login})")
# as user client
rb_user = client.user(user_id="18622116055")
as_user = client.as_user(rb_user)
user = as_user.user().get()
print(f"Hello, {user.name}! ({user.login})")
if __name__ == "__main__":
main()
This example assumes a JWT app configured as:
Please note if you change the configurations of your app then it needs to be re-submitted for approval by your admin.
Let us know if this helps.
Cheers
Hello, this is Yane.
thank you. It was helpful.
I will try it once.
Hello, this is Yane.
Thank you for contacting us.
Safely, I came to the process with JWT authentication.
Please tell me one more thing.
In this example, the authentication method in the JWT app,
Can the same work be done with authentication with the CCGAuth app?
It would be very helpful if you could attach the settings in that case and a screenshot of the python code.
If you could teach me, it’ll helps a lot.
Hi Yane (@nobuhiro_yane )
For the service account it works the same way. For example my CCG app config is:
(I have all permissions selected)
Then you need to create a CCGAuth object:
def ccg_from_enterprise_config(config: AppConfig) -> CCGAuth:
"""
Returns a boxsdk CCGAuth object
from the configuration file
"""
return CCGAuth(
client_id=config.client_id,
client_secret=config.client_secret,
enterprise_id=config.box_subject_id,
)
The AppConfig you see above just reads from a .env file, you’ll need the client id, client secret, and the enterprise id (in the env file represented as box_subject_id).
Then I have a method that returns a client:
def get_ccg_enterprise_client(config: AppConfig, as_user_id: str = None) -> Client:
"""Returns a boxsdk Client object"""
auth = ccg_from_enterprise_config(config)
client = Client(auth)
if as_user_id:
as_user = client.user(user_id=as_user_id).get()
return client.as_user(as_user)
return client
Finally the main.py looks like this:
import logging
from app.config import AppConfig
from app.box_client import get_ccg_enterprise_client
logging.basicConfig(level=logging.INFO)
logging.getLogger("boxsdk").setLevel(logging.CRITICAL)
conf = AppConfig()
def main():
"""
Simple script to demonstrate how to use the Box SDK
with CCG authentication
"""
client = get_ccg_enterprise_client(conf)
user = client.user().get()
print(f"Logged in as {user.name}")
client_as_user = get_ccg_enterprise_client(conf, as_user_id="18622116055")
as_user = client_as_user.user().get()
print(f"Acting as {as_user.name}")
if __name__ == "__main__":
main()
and the result is:
Logged in as CCG
Acting as Rui Barbosa
Let us know if this helps
Cheers
Hello, this is Yane.
thank you for your advice
It looks like it will be very helpful. I will try it once.
I will share the results separately.
