I’m currently encountering an issue while attempting to utilize JWT authentication with the Box SDK in Node.js.

Issue with Invalid ‘sub’ Claim in JWT for Box Authentication(Error: Auth Error: Please check the ‘sub’ claim. The ‘sub’ specified is invalid. d400 Bad Request] invalid_grant - Please check the ‘sub’ claim. The ‘sub’ specified is invalid.)

Specifically, I’m trying to create a folder in my Box account programmatically using the provided code snippet.

Despite verifying the accuracy of the JWT configuration file, ensuring that the JWT token has not expired, and confirming that the client ID and private key information are correct, I continue to encounter authentication errors.

Additionally, I would like to mention that I created the application in the Box Personal Pro version, resulting in an enterprise ID of 0. Could this enterprise ID value be contributing to the authentication issue? Furthermore, even after creating another account with a free version, I’m still experiencing the same authentication error. I have observed that the free account also receives an enterprise ID, albeit still encountering issues with JWT token authentication.

Please Check source code here using Box SDK:

const config = require(‘./0_7c0qhdk1_config.json’);


const BoxSDK = require(‘box-node-sdk’);


const fs = require(‘fs’);


const path = require(‘path’);


// const Folders = require(‘box-node-sdk/lib/managers/folders’);


// const TokenManager = require(‘box-node-sdk/lib/token-manager’);

// Load your JWT configuration file


const configJSON = JSON.parse(fs.readFileSync(‘./0_7c0qhdk1_config.json’));

// Initialize the SDK


const sdk = BoxSDK.getPreconfiguredInstance(configJSON);

// Create a client with JWT authentication


const client = sdk.getAppAuthClient(‘enterprise’);

// Define the folder name and parent folder ID


const folderName = ‘New Folder’;


const parentFolderID = ‘0’; // the root folder

client.folders.create(parentFolderID, folderName)


.then(folder => {


console.log(Folder "${folderName}" created with ID: ${folder.id});


})


.catch(err => {


console.error(‘Error creating folder:’, err);


});

Furthermore, I’ve double-checked the permissions and access levels for my Box account, and everything appears to be in order. However, I’m still unable to authenticate successfully and still gets grant errors.


So And I’ve tried another way.Here are my JWT payload:

const payload = {


iss: ‘CLIENT_ID’,


sub: ‘USER_ID’,


box_sub_type: ‘user’,


aud: ‘https://api.box.com/oauth2/token’,


exp: Math.floor(Date.now() / 1000) + (60 * 60), // Expire in 1 hour


iat: Math.floor(Date.now() / 1000), // Issued at now


nbf: Math.floor(Date.now() / 1000) // Not before now


};


const options = {


algorithm: ‘RS256’, // Box API requires RS256 algorithm


header: {


typ: ‘JWT’


}


};

// Sign the JWT


const token = jwt.sign(payload, privateKey, options);

Despite these checks, I still receive the invalid ‘sub’ claim error. Could you please help me identify what might be causing this issue?


I would greatly appreciate your guidance on how to troubleshoot and resolve this authentication issue. Any insights or suggestions you can provide would be immensely helpful.

Thank you very much for your assistance.

Best regards,