I have a custom app registered/authorized by our Box admin with a permission scope of App+Enterprise; the C# client is using the Client Credentials Grant authentication method. I can get users in our Enterprise with the GetEnterpriseUsersAsync() method with no issue. However, it throws an exception of
Box.V2.Exceptions.BoxAPIException : The API returned an error [Forbidden | figvvzhkcgjuvsex.02c4ce4ec440d4ba759f146d40493582d] forbidden - Forbidden
when attempting to update a user via the .NET SDK UpdateUserInformationAsync method.
C# code is as follows:
// Build the CCG configuration for the enterprise and get the service account client
_boxConfig = new BoxConfigBuilder(BOX_CLIENT_ID, boxClientSecret).SetEnterpriseId(BOX_ENTERPRISE_ID).Build();
_boxCCG = new BoxCCGAuth(_boxConfig);
_boxClient = _boxCCG.AdminClient();
The code to update the user is as follows:
// Returns the updated user, so the return type must be Task<BoxUser> rather than Task
public async Task<BoxUser> UpdateUser(BoxUser user, string? setColleagueId = null)
{
    var updates = new BoxUserRequest();
    // pass the user properties into the updates object
    updates.Address = user.Address;
    // use the supplied colleague id when present, otherwise keep the existing value
    updates.ExternalAppUserId = !string.IsNullOrEmpty(setColleagueId) ? setColleagueId : user.ExternalAppUserId;
    updates.Id = user.Id;
    updates.JobTitle = user.JobTitle;
    updates.Role = user.Role;
    updates.Phone = user.Phone;
    updates.Login = user.Login;
    return await _boxClient.UsersManager.UpdateUserInformationAsync(updates);
}
Any thoughts? I would have thought that having the app scoped as App+Enterprise would have sufficient permission given it states “Manage Enterprise settings, content and users”.