Skip to main content
Question

App User CoAdmin (newly disabled?)

  • May 22, 2025
  • 6 replies
  • 22 views
C
Forum|alt.badge.img

We have developed an app against the Box API that crawls enterprise-wide content, users/groups and their permissions associations.

To achieve the users/groups/permissions side we use application users that we grant co-admin permission.

When we were developing the app we setup a number of app users with co-admin in our dev environment. Now we are coming to release and the co-admin for app users is now disabled in the interface for me (the account admin), but available and returns an "Error while editing user" in the interfaces for the human Co-Admins.

Has something changed to disable this option or have I changed an option  somewhere in the interface that has disabled it on our account maybe?

Any assist greatly appreciated, many thanks.

    6 replies

    C
    Forum|alt.badge.img

    Hi! 

    Can you confirm you were ever able to make app users a co-admin? If so, can you send me the admin's email of that dev account so I can research the account on my side? Or maybe a screenshot of the checkbox in your dev account being able to be checked? 

    Thanks, 

    Alex, Box Developer Advocate 

    C
    Forum|alt.badge.img

    Hi Alex,

    Thanks for your response. The admin email on the account is alisdair.venn@imanage.com. The app user used during development has since been deleted but we documented their use of co-admin permissions in both text and video. If you are able to view/recover deleted accounts: the user id was 14515130225.

    Thanks,

    AV

    C
    Forum|alt.badge.img

    Sorry, in answer to your first: yes, we could make app users co-admin and used the permission to "manage users/groups"

    C
    Forum|alt.badge.img

    This is very strange. As I am not aware that we have ever allowed app users to have co-admin permissions. That email is tied to you current live account. I don't see any app users with co-admin status. I also can't look up the deleted app user. This may not help you with your original question, but making an app user a co-admin is not a current Box feature - at least not to my knowledge. 

    C
    Forum|alt.badge.img

    Hi Alex,

    Thanks for getting back to me. If you don't allow co-admin to app users, what, then, is the approach you guys suggest for crawling users/groups/permissions in a scalable way? That is, we avoid throttling on app user tokens when crawling files/folder by cycling the app user hitting the api - how do we achieve similar, please?

    Thanks,

    AV

    C
    Forum|alt.badge.img

    Regarding the same problem from the same account:

    If we try to retrieve the users and groups using managed users with co-admin permission the retrieval works. When trying to use an application user we run into the following error:

    com.box.sdk.BoxAPIResponseException: The API returned an error code [403 | vk0c5zgsv9fcni3d.15b96c9ecb759802c930a607568a2c1b4] access_denied_insufficient_permissions - Access denied - insufficient permission
    at com.box.sdk.BoxAPIResponse.<init>(BoxAPIResponse.java:92) ~[?:?]
    at com.box.sdk.BoxJSONResponse.<init>(BoxJSONResponse.java:32) ~[?:?]
    at com.box.sdk.BoxAPIRequest.trySend(BoxAPIRequest.java:680) ~[?:?]
    at com.box.sdk.BoxAPIRequest.send(BoxAPIRequest.java:382) ~[?:?]
    at com.box.sdk.BoxAPIRequest.send(BoxAPIRequest.java:349) ~[?:?]
    [..]
    at com.box.sdk.BoxUserIterator.hasNext(BoxUserIterator.java:20) ~[?:?]

    How can we retrieve the users and groups in a stable and scalable manner? From our understanding application users are the preferred way to access Box data using the APIs when requiring more than 16.67 calls per seconds.

     

    Terms of ServiceAccessibility statement