-
Recently active
I want to login box using okta SSO token I have box integrated with okta for SSO but then i use box SDK in node and try to login in box am unable to pass correct user id of box , i am using okta sub as my box user id but it thronging error user not valid
I’m playing around with the next generation .Net SDK and at least half of my calls to upload a file or create a folder are throwing an exception about RSA parameters in a cryptography library. The full exception is like this: System.Security.Cryptography.CryptographicException: The specified RSA parameters are not valid. Exponent and Modulus are required. If D is present, it must have the same length as Modulus. If D is present, P, Q, DP, DQ, and InverseQ are required and must have half the length of Modulus, rounded up, otherwise they must be omitted. at System.Security.Cryptography.CngHelpers.ToBCryptBlob(RSAParameters& parameters) at System.Security.Cryptography.RSABCrypt.ImportParameters(RSAParameters parameters) at System.Security.Cryptography.RSA.Create(RSAParameters parameters) at Microsoft.IdentityModel.Tokens.AsymmetricAdapter.InitializeUsingRsaSecurityKey(RsaSecurityKey rsaSecurityKey, String algorithm) at Microsoft.IdentityModel.Tokens.AsymmetricAdapter..c
Hi, Some time we are getting “socket hang up” error (/oauth2/token) during call file upload and download method. This is not happening every time. But we stuck when it occurs. Could you please help us to resolve this issue. Thanks.
We are a software house, currently we signed up box.net, and we would like to share out different folders based on client, e.g. my-box.net account + ClientA folder + ClientB folder and our client A, B are not box’s subscribers. Hence, is it possible for us to share any credentials (similar to SFTP) and allow client A, B to access their folders respectively and pull out their files?
I’m using a free personal BOX account, and I’m trying to connect to a JWT BOX app through a aws EC2 instance of Ubuntu. I’ve configured my JWT app, created the public and private key, and run “box:configure:environments:add [json path file]” on my server. I then tried to run “box users” to see if I’m connected with my app, but that resulted in the error: “Auth Error: Please check the ‘sub’ claim. The ‘sub’ specified is invalid. [400 Bad Request] invalid_grant - Please check the ‘sub’ claim. The ‘sub’ specified is invalid.” Does anyone know how to fix it? Thanks!
I have created a custom app, create public/private key as well but not getting an option to submit app for authorization. There is no Authorization tab. In General Settings tab, it is showing Enterprise id as 0
We want to make you aware of a recent effort by certain third-party bad actors to leverage free Box developer accounts in a social engineering attack on certain Box free individual accounts. Upon discovery of this issue, Box decided to temporarily disable new sign-ups for free developer accounts while we work to implement additional technical controls to prevent similar efforts in the future. The security and integrity of our Service is of utmost priority to Box, and we must ensure that we are providing the most secure product experience to our customers. We understand that some Enterprise customers use these free developer accounts for their own business purposes, and that they may have questions about their inability to sign-up new free accounts. Please use the following talking points when addressing these Customers’ questions or concerns: Any free developer accounts that were in place before March 9, 2023 are unaffected by this action; Customers may continue to use these pre-exist
Hi, Last year we had to disable the creation of free developer accounts due to abuses from some bad actors. You can read about it here: Free developer accounts -Please READ I’m happy to inform that creation of free developer accounts is now back! To create a free developer account simple navigate to the developer signup. The main difference between the free developer account and a simple free account is that the developer version has access to the administrator console which will allow you to authorize JWT and CCG applications. Stuck with OAuth 2.0? Not anymore! Enjoy!
Hi folks, For those of you using the Box Postman advanced collection with JWT authentication, with a recently generated private key, you might be having error when the pre-request script tries to get a new access token. The error in question is a malformed PCKS. The reason behind this is that Box has updated the encryption method of the private key to something not supported by the JSRSASign v10.x. The good news is that the new version of JSRSASign (v11.x) does support it. While we fix the collection here is a quick fix: Download the JSRSASign from the CDN. Go to and select the Box Advanced collection Replace the content of the variable libJSRSASign with the content from the CDN link above. Remember to Save!!! Your all set. We’ll update the collection in Postman shortly.
We have a number of users outside of our domain that were inappropriately added as managed users. I want to roll them off the enterprise and convert them to external users, but when using box-sdk-gen and emit a client.users.update_user_by_id(xxxx, enterprise=None) nothing happens. It seems to execute successfully, but fetching that user again shows that the enterprise information is still present. If I try to execute with enterprise={'id':None} or enterprise='null' I get a 403 insufficient permissions error. I noticed that the type on the enterprise field is str so that’s why I tried the latter. { 'code': 'access_denied_insufficient_permissions', 'help_url': 'http://developers.box.com/docs/#errors', 'message': 'Access denied - insufficient permission', 'request_id': 'xxxxx', 'status': 403, 'type': 'error'} Raw body: {"type":"error","status":403,"code":"access_denied_insufficient_permissions","help_url":"http:\/\/developers.box.com\/docs\/#
POST/CON is the Postman developer conference and this year it took place in May 1st in San Francisco. We presented a session on Advanced authentication capabilities in postman, where we featured our advance collection. Here is a video with the content of that presentation:
Hi Y’all, I recently had several interactions with developers about the Box REST API and realized there are plenty developers out there that don’t know Box provides a collection for Postman and even less are aware of our advanced collection. This takes them to a painful journey of creating a Postman collection manually, which between endpoints and methods is upwards of 150 entries. The ones who are not aware of the advanced collection, inevitably tinker with the authorization and the pre-request script in order to get Postman to work with Box CCG and JWT application authorization. Where to find the collections All postman collections can be found at our public Postman page. We essentially provide 2 different collections: Box Platform API - aka the classic collection, supports only OAuth with automatic refresh of the access token when it expires. Box Platform Advanced - supports all Box applications authentication modes (Developer, OAuth, CCG, and JWT) with automatic access token refr
I’m trying to use the .NET SDK to create a signature request for a file. My code is: public async Task<BoxSignRequest> CreateSignatureRequest(BoxUser user, string signerEmail, string emailMessage, string subject, string sourceFileId, string destinationFolderId) { var userClient = GetUserClient(user); //this uses the Client Credentials Grant to get a token for the user that owns the file BoxSignRequestCreateRequest createRequest = new BoxSignRequestCreateRequest() { AreRemindersEnabled = true, AreTextSignaturesEnabled = false, DaysValid = 10, EmailMessage = emailMessage, EmailSubject = subject, ParentFolder = new BoxRequestEntity() { Id = destinationFolderId }, Signers = new List<BoxSignRequestSignerCreate>() { new BoxSignRequestSignerCreate() { Email = signerEmail, LoginRequired = true, Role = BoxSignRequest
My request is VERY basic. Get a list of thee following: List all top level folders List the path of the folder List the owners and co-admins List the size of the folder including subfolders List the number of items in the folder and subfolders Using JWT for this and have enabled all scopes with apps + enterprise access The real issue is that I STILL have to add the service account as a co-admin to get this data. How can I ensure my enterprise token access allows me to read data enterprise-wide? It is ridiculous that this isn’t even a report in the console that I must build a custom solution.
I cannot upload to the Box by calling API in the Azure Data Factory. I can not use SDK and I got HTTP 400 error , “Malformed stream” following is the Body that I created in the Azure pipeline:( it should be in JSON format) @concat('--------------------------9fd09388d840fef1 content-disposition: form-data; name=“attributes” {“name”:“testdev.xlsx”, “parent”:{“id”:“0”}} --------------------------9fd09388d840fef1 content-disposition: form-data; name=“file”; filename=“testdev.xlsx” content-type: text/csv ‘, variables(‘varFileContents’),’ --------------------------9fd09388d840fef1– ')
I have a ui which I manage authorization via Okta. So for a user to access the box files it creates a temporary shared link that expires after an hour. This link is opened by the UI and this has worked great for past month and lets me manage more advance authorization and such on my end rather than adding people to our folders directly. However, out of no where my code stopped working and its drawing an error at the creating the shared link and the stack trace doesnt give much info. Here is my code: public async Task<string> GetSharedLink(string Id) { try { BoxClient adminClient = _session.AdminClient(await token.FetchTokenAsync()); var sharedLinkParams = new BoxSharedLinkRequest() { Access = BoxSharedLinkAccessType.company, Permissions = new BoxPermissionsRequest { Download = true, Edi
Hello, I would like to know if it is possible to prevent an employee from being able to sign a document or to request a signature. Eventually I would like some help with the java sdk. Sincerely
Is there any way to differentiate the two types of file locks, as explained below?? A user can manually lock a file. A user can click the custom application’s web-integration and it can lock the file using BOX-APIs. I have a custom application with OAuth2.0 and Web Integrations. OnClick of a web-integration, I use node-sdk (Initialised with user’s auth-code) to lock the file. Later, I used the search API to get all files in the folder., Is there any way to identify the files locked via my application, using NodeSDK? I want to unlock them only, if it is locked by the application itself. I couldn’t find anything to achieve this. Can you help me find a workaround for this?? Is there any fields in lock object, that i can re-purpose for this use-case? Thanks, Sarin
I have been struggling to get a thumbnail representation through the .net sdk. I am able to get the url for the download but everytime I try to download it through an httpclient request to return a stream, the stream results and memorystream converted to base64 are unusable. I am unsure if my approach is not correct or if there is an issue with the sdk. My code is as follows: public async Task<string> GetThumbnailImageById(string Id) { BoxClient adminClient = _session.AdminClient(await token.FetchTokenAsync()); var requestParams = new BoxRepresentationRequest() { FileId = Id, XRepHints = "[png?dimensions=1024x1024]" }; BoxRepresentationCollection<BoxRepresentation> representations = await adminClient.FilesManager .GetRepresentationsAsync(requestParams); var url = representations.Entries.FirstOrDefault().Info.Url.ToString();
I am using Box-Node-SDK to fetch details of a file in my drive. As you can see in the below screenshot, I created the file and modified it multiple times. We can clearly see that I am the owner of the file., in the file details. But, when I fetch the File-Info using Node-Box-SDK. The “Permissions” object in the response shows “can_upload” as “false”. I have created a Custom-Application to use Auth2.0. Added a Web-Integration, I used the auth-code Received from web-integration to Initialise BoxClient and Fetch FileDetails. Am I missing something obvious here? Why is “can_upload” show “false”, When I have access to the file, and uploaded a new version multiple times? Thanks, Sarin
Hi Team, I got stuck when I tried to run the script from the repository Mini Box MediaInfo Video Metadata Uploader on GitHub. I followed the README instructions step by step, and I also check the Video on YouTube. When I ran the following command: python3 src/main.py -c I got the following error: ImportError: cannot import name ‘appengine’ from ‘urllib3.contrib’ Can anyone help me understand why I got this? Thanks.
Hi, What is the use of using the SDK when we already have API. We can directly use those API. I am trying to do chunk file upload. For that it initially creates a session and then uploads parts of a file (https://upload.box.com/api/2.0/files/upload_sessions/:upload_session_id) this the API to upload parts of a file. I checked in SDK how they uploading the parts of a file, in that they have handled all the file splitting and every required. But when I tried the https://upload.box.com/api/2.0/files/upload_sessions/:upload_session_id API in postman, I am not able to upload file. My question if SDK are handling these splitting functionalities, Does API also handle all the scenarios? What is the benefit of using SDK if we already have API?
If I have my own logger+handler and not using BasicConfig… so like this… chandler = logging.StreamHandler() chandler.setFormatter(logging.Formatter('[%(levelname)s] %(asctime)s %(message)s')) logger = logging.getLogger("my_custom_logs") logger.setLevel(logging.DEBUG) logger.addHandler(chandler) I’m getting weirdness with client.uploads.upload_file_version where it hangs for 10mins, then the created version is blank. It’s not throwing any Exceptions and nothing lands in my logger What’s the correct way to get debug logs from the BoxClient?
Hi ! I’m using java1.8 version and trying to get the Token using Java SDK , but we got the below exception. Exception in thread “main” com.box.sdk.BoxAPIException: Error parsing PKCS private key for Box Developer Edition. at com.box.sdk.BoxDeveloperEditionAPIConnection.decryptPrivateKey(BoxDeveloperEditionAPIConnection.java:568)* at com.box.sdk.BoxDeveloperEditionAPIConnection.constructJWTAssertion(BoxDeveloperEditionAPIConnection.java:503)* at com.box.sdk.BoxDeveloperEditionAPIConnection.authenticate(BoxDeveloperEditionAPIConnection.java:327)* at com.box.sdk.BoxDeveloperEditionAPIConnection.getAppEnterpriseConnection(BoxDeveloperEditionAPIConnection.java:182)* at com.box.sdk.BoxDeveloperEditionAPIConnection.getAppEnterpriseConnection(BoxDeveloperEditionAPIConnection.java:216)* at com.arondor.flower.tools.box.util.BoxAPI.setAPI(BoxAPI.java:54)* at com.arondor.flower.tools.box.util.BoxAPI.getAPI(BoxAPI.java:33)* at com.arondor.flower.tools.box.service.ServiceFolder.createBaseFolder(Ser
Hi @rbarbosa, I am also trying to fetch files and folders in content explorer, using metadata query in node/react. I am facing 2 issues: getting back all files and folders for a sponsorCode metadata as a response. But only files are getting displayed in content explorer. Folders are not getting displayed. I have 3 folders with different values for sponsorCode metadata(Folder 1- TESTF metadata, Folder 2- TESTR metadata, Folder 3- TESTM metadata. I am only able to fetch files/folders for TESTR metadata. Other searches are resulting in no data in response. I have waited for more than 48 hours after applying metadata. Can you pls help solve this?
Already have an account? Login
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
Sorry, we're still checking this file's contents to make sure it's safe to download. Please try again in a few minutes.
Sorry, our virus scanner detected that this file isn't safe to download.
