Hello,
I am trying to access my Box app with Python code, that is using JWT to authenticate. Here is my code:
from boxsdk import JWTAuth
from boxsdk import Client
from cryptography.hazmat.primitives.serialization import load_pem_private_key
import json
import base64
private_key_fpath = "/path/to/PrivatKey.pem"
#Settings below generated by the Box Developer Console
settings_fpath = "/path/to/1234__config.json"
with open(private_key_fpath, "rb") as key_file:
priv_rsakey = load_pem_private_key(key_file.read(), password=None)
with open(settings_fpath, "r") as f:
settings = json.loads(f.read())
settings['boxAppSettings']['appAuth']["privateKey"] = priv_rsakey
auth = JWTAuth.from_settings_dictionary(
settings
)
access_token = auth.authenticate_instance()
I get the following error
BoxOAuthException:
Message: "kid" invalid, unable to lookup correct key
Status: 400
URL: https://api.box.com/oauth2/token
Method: POST
Headers: {'Date': 'Mon, 22 Apr 2024 20:27:23 GMT', 'Content-Type': 'application/json', 'Strict-Transport-Security': 'max-age=31536000', 'Set-Cookie': 'box_visitor_id=6626c5ed677b62.17237192; expires=Tue, 22-Apr-2025 20:27:23 GMT; Max-Age=31536000; path=/; domain=.box.com; secure; SameSite=None, bv=MONO-6104; expires=Mon, 29-Apr-2024 20:27:23 GMT; Max-Age=604800; path=/; domain=.app.box.com; secure, cn=53; expires=Tue, 22-Apr-2025 20:27:23 GMT; Max-Age=31536000; path=/; domain=.app.box.com; secure, site_preference=desktop; path=/; domain=.box.com; secure', 'Cache-Control': 'no-store', 'Via': '1.1 google', 'Alt-Svc': 'h3=":443"; ma=2592000,h3-29=":443"; ma=2592000', 'Transfer-Encoding': 'chunked'}
Is my code missing anything?
Thanks!