Skip to main content
Question

Box Content Picker vs Box File Picker

  • May 21, 2025
  • 4 replies
  • 51 views
C
Forum|alt.badge.img

I am trying to build an integration for our app with Box.The user needs to be able to pick files stored inside box and move it our application.

Looking at Box documentation, there seems to be two options for this:

1. Box Content Picker

2. Box File Picker

The first one seems to be based on Oauth which is not necessarily a bad thing. This just means that we will have integrate it through the backend code.

The second options seems to claim that it does not need Oauth.  When I use it, I seem to be getting a download url for chosen file(s). I could potentially use this to get hold of the file contents and the url seems to work without any authentication. Can I leverage this safely to access the contents of the user's "box" folder and transfer the files to my application. Also, is it recommended for production use. Please let me know.

 

    4 replies

    C
    Forum|alt.badge.img

    The Box File Picker is our legacy picker. It has an old UI and was designed for the "managed" user use case. When you launch it, it asks for a user name and password like as if you are signing into the Box web app. Then the user can pick files from their own account.

     

    The Box Content Picker is our new picker which is client side JS based. It works with both "managed" and "app" users (https://developer.box.com/v2.0/docs/box-content-picker#section-authentication). All it requires is an auth token, but you are responsible for generating that auth token as listed here https://developer.box.com/v2.0/reference#authorize. A very naïve client-side implementation (something you should not do or copy, but is only there for quick demo purposes) can be seen here https://github.com/box/box-ui-elements-demo/blob/master/src/Login.js. 

     

    The download URLs that both generate are open URLs with a hash but only work for a short period of time. They essentially do something similar to https://codepen.io/box-platform/pen/dRqjbB.

     

    For more auth stuff see https://developer.box.com/docs/authentication

    C
    Forum|alt.badge.img

    So I can't use the picker without the server side token generation request?

    Bummer. OneDrive, GDrive, Dropbox all allow you to use client-side-only drop-in picker. Gosh, you're not keeping up 🙂

    C
    Forum|alt.badge.img

    Is it possible to create an all client experience (auth + file picker) like the dropbox file chooser?  https://www.dropbox.com/developers/chooser

    C
    Forum|alt.badge.img

    I'm running into the same issue as above. Is it possible to do something like the Dropbox chooser or do we have to go through the backend?

    Terms of ServiceAccessibility statement