Skip to main content
Question

Authorization through python

  • May 22, 2025
  • 6 replies
  • 19 views
C
Forum|alt.badge.img

Can someone help me with file upload through OAuth2 to a Box app/account - provided the client id and client secret using python.

I tried with:

 

oauth2 = OAuth2(CLIENT_ID, CLIENT_SECRET, access_token=ACCESS_TOKEN)
client = Client(oauth2)

 

Soon I realized that the access token which was the developer token I generated from box website expires after an hour. After which I got:

boxsdk.exception.BoxOAuthException: Message: {"error":"unauthorized_client","error_description":"The grant type is unauthorized for this client_id"}

So, what I think is I need to find a way to generate an access token dynamically and use it instead.

 

My requirement is that this python script executes every week and uploads a report file to the box account/app-whose client id-secret will be configured.

 

NOTE: This script will run in cron job in background. So, no interaction involved with user for password prompt, etc.

    6 replies

    C
    Forum|alt.badge.img

     It sounds like your application may be using Server Auth with JWT instead of Standard OAuth2.  If this is the case, please try using the instructions at https://github.com/box/box-python-sdk#box-developer-edition to set up your application; that should fix the grant type error you're seeing.

    C
    Forum|alt.badge.img

     I am confused now. Please clarify

    1. The authorization method I have posted in Question is  - standard OAuth2 ?  I have not used any jwt auth yet. I generated a developer token by logging into my account, used this as the access token in my python script and it worked for me for first 60 minutes. After which I started getting the auth error.

    2. Now given my requirement that - the client id and client secret is configured in an automated python script which would run once a week(cron job) to upload a file - Which auth method would you suggest?

     

    Thanks 

    C
    Forum|alt.badge.img

     In the Box Developer Console, if you go to the Configuration page for your application, you'll see a section marked "Authentication Method" at the top of the page.  If this is set to "OAuth 2.0 with JWT", then you'll need to update your code as I mentioned.  Otherwise, if "Standard OAuth 2.0" is selected, then there may be some other problem.

    C
    Forum|alt.badge.img

     so what I learned is that the developer token expires in 60 minutes. So the error I get is expected.

    So, for a production like environment set-up, it's not possible to manually log-in and generate the developer token every time.

     

    So - you mean I need to go with auth-method - OAuth2.0 with JWT to suffice my requirement or is there any other method another than developer token which would suffice? 

     

    What I am expecting is - the auth type suitable for my requirement

     

    Thanks again

     

    C
    Forum|alt.badge.img

     For the use case you described (an automated cron job), the JWT auth type is the most suitable.

    C
    Forum|alt.badge.img

    Thanks 

    Terms & ConditionsAccessibility statement