Skip to main content
Question

Access token accepted but search API not returning file that is there

  • May 22, 2025
  • 2 replies
  • 14 views
C
Forum|alt.badge.img

 

 

I am very close to getting everything to work. I have at this point been able to generate a User Access Token using the .NET SDK. However, when I use this token to call the search API I get an HTTP 200 response, but no results (see below). The file I am searching for is there and when I use the OAuth Authorization on the Search API reference page the file is found. So I am getting an access token that is accepted but it is not returning the file.

 

{
"total_count": 0,
"entries": [],
"limit": 30,
"offset": 0
}

What could be wrong if my access token is accepted but the search results don't return any files?

 

I am using a single Box.com developer account. The enterprise ID is the same for both my application and the Box.com account that contains the file I am looking for. They are one in the same.

 

Here is the code I am using to generate the User Access Token.

 

using Box.V2.Config;
using Box.V2.JWTAuth;
using Box.V2.Models;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;

namespace JwtCreation
{
  public class BoxJwtUtilities
  {
    public async static void GetAuthorization()
    {
      var boxConfig = new BoxConfig("", // client id
                              "", // client secret
                              "", // enterprise id
                              "-----BEGIN ENCRYPTED PRIVATE KEY-----\n\n", // Private key
                              "", // Private key password or passphrase
                              ""); // public key id
      var boxJWT = new BoxJWTAuth(boxConfig);

      // Authenticate
      var adminToken = boxJWT.AdminToken(); //valid for 60 minutes so should be cached and re-used
      var adminClient = boxJWT.AdminClient(adminToken);

      // Create an App User
      var userRequest = new BoxUserRequest() { Name = "test appuser", IsPlatformAccessOnly = true };
      var appUser = adminClient.UsersManager.CreateEnterpriseUserAsync(userRequest).Result;

      // get a user token
      var userToken = boxJWT.UserToken(appUser.Id.ToString()); 
    }
  }
}

 

    2 replies

    C
    Forum|alt.badge.img

    Hi dh33,

     

    the result you are seeing is the content of the service account, which is currently empty, so everything is fine. With JWT each app is acting as an API user, and this account we call service account. You can read all about it here:

     

    https://developer.box.com/v2.0/docs/service-account

     

    Now to to access your own account, the account has to be part of your enterprise and you do this by casting a as-user call with your user id (from the documentation above)

     

    • Access to Any User - you can generate access tokens for both Managed Users and App Users or to make server-side calls using the As-User header to impersonate a user.

    In order to be able to do these calls you have to grant the app this  ability, which you do on the configuration site of your app in the dev console.

     

    I hope this helps.

     

    C
    Forum|alt.badge.img

    Thank you for the reply. It was helpful to know that I am at least generating the User Access token properly and should expect to see the results I am getting.

     

    What confuses me is using the User Access Token to access another Box.com account. If I have a Box.com user who has authorized my app (via Box.com App Authorization) does that mean this user is now part of my Enterprise? What do I need to do to be able to call the Search API endpoint to search the account of someone who has authorized my app to access their account? Do you have an example?

    Terms & ConditionsAccessibility statement