I am using your API to upload/download files to Box. I have managed to list all the folders and files but when trying to upload or download files and i’m receiving 403 error insufficient_scope. I have created a OAuth 2.0 app and i have all permissions (having a free account).
With just this information it is hard to help you.
Are you able to get an access token? Does your app completes the authorization process?
Can you give us more details?
Cheers
See if this sample from the node SDK works for you:
Hi,
Yes, i have a access token and using getBasicClient method and later I am listing all the necessary folders in the same function. The authentication was succesful, but later when I use the same access token it does not allow me to download or upload files, should I generate another token to allow me to do that?
The access token only lasts 60 minutes, but it should be automatically refreshed if you are using the SDK’s. When you say later, is it over 60 minutes later?
Could you send us a code sample that we can use to replicate your issue?
it really seems to me as you didn’t have enabled right scope “Write all files and folders stored in Box”. Are you sure you have saved it? After the change remember to get a fresh token. If it still doesn’t work, can you provide your app id ?
Best
Hi,
Yes i have all permissions
Do i need to have the app published?
@antonio saving app is enough. To what folder are you trying to upload and download ? Do you have permission to access it ?
Hi,
I am trying to upload and download to a folder created by me and i have all permissions but nothing…
Also, i tried to upload and download with a shared folder with all permission
Can you try that curl to exclude SDK from possible sources of the error ? Please fill <FILE_ID> and <ACCESS_TOKEN> with your data.
curl -i -L -X GET "https://api.box.com/2.0/files/<FILE_ID>/content" \
-H "authorization: Bearer <ACCESS_TOKEN>" \
I have the same error:
Also, i tested the sdk with python and i have the same error
This command should return fields such as can_download and 'an_upload. If they have a value of false, it means that the token used doesn’t have the necessary permissions.
Could you also confirm that the user returned in the created_by field in the previous request is the same as the one resulting from this request?
The problem I had was when I generated the access_token and the refresh_token did not have permissions for folder editing. I activated the permissions later and when I refreshed the token, the access_token still did not have those permissions.
Subsequently, I regenerated the access_token and refresh_token with the permissions set and was able to manage the folders y pude resolver mi problema.
Para aquellos que no sepan, pueden generar ese token en este enlace por si les sirve de ayuda: