Question

Does API Support 2 legged authentication?

  • May 22, 2025
  • 2 replies
  • 28 views


Hi,

I have a web application that is integrated with Standard OAuth 2.0 (User Authentication). It works well. Now I need to set up a workflow to access my personal BOX account directly, without performing the authorization workflow of OAuth 2.0, i.e. I need a 2-legged workflow instead of a 3-legged one.

In BOX, it sounds like OAuth 2.0 with JWT (Server Authentication) is what I am looking for. I have experience with other web services such as DropBox. They have an endpoint such as:

{{base_url}}/authentication

POST

client_id:{{my_client_id}}

client_secret:{{my_client_secret}}

grant_type: client_credentials

 

However, when I tested this way with BOX, the response threw the error:

{
"error": "unauthorized_client",
"error_description": "The \"box_subject_type\" value is unauthorized for this client_id"
}

Could you shed light on whether 2-legged authentication is supported, or how to work with it?

Note: in the BOX account console, a static token is provided, but I wanted to generate the token in my application instead of copying and pasting the static token.

Thank you!

 

 

2 replies


Generate User Access Token is also enabled.

 


Hey, OAuth2 with JWT would be what you're looking for. You can see an overview of our Authentication models here:

https://developer.box.com/v2.0/docs/authentication

 

The best way to use that Auth type is by using an SDK and following our instructions here:

https://developer.box.com/v2.0/docs/authentication-with-jwt

https://developer.box.com/v2.0/page/sdks/

https://developer.box.com/v2.0/docs/app-users

 

If not using an SDK directly, our instructions for manually generating a JWT are here:

https://developer.box.com/v2.0/docs/construct-jwt-claim-manually

 

Take a look over those instructions and make sure you're formatting your request properly. Hope that helps!

 

Thanks,

Jason
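
For readers taking the manual route mentioned in the reply above, the following is an added example (not code from Box or from either poster) of building the signed JWT assertion and the token request body with Node's built-in `crypto` module. The `cfg` field names, the placeholder IDs and the throwaway key pair are assumptions constructed for the example; real values come from the app's Box configuration, and the private key should be loaded from a secret store rather than source code.

```javascript
const crypto = require("crypto");

const BOX_TOKEN_URL = "https://api.box.com/oauth2/token";
const b64url = (v) => Buffer.from(v).toString("base64url");

// cfg field names are hypothetical; values come from the app's Box configuration.
function buildBoxAssertion(cfg, nowSec = Math.floor(Date.now() / 1000)) {
  if (!["enterprise", "user"].includes(cfg.subjectType)) {
    throw new Error(`unsupported box_sub_type: ${cfg.subjectType}`);
  }
  const header = { alg: "RS256", typ: "JWT", kid: cfg.publicKeyId };
  const claims = {
    iss: cfg.clientId,
    sub: cfg.subjectId, // enterprise ID or user ID, matching box_sub_type
    box_sub_type: cfg.subjectType,
    aud: BOX_TOKEN_URL,
    jti: crypto.randomBytes(16).toString("hex"), // unique per assertion
    exp: nowSec + 45, // Box documents a 60-second maximum lifetime
  };
  const signingInput = `${b64url(JSON.stringify(header))}.${b64url(JSON.stringify(claims))}`;
  const sig = crypto.sign("RSA-SHA256", Buffer.from(signingInput), cfg.privateKey);
  return `${signingInput}.${sig.toString("base64url")}`;
}

// Form body for POST to BOX_TOKEN_URL (application/x-www-form-urlencoded).
function buildTokenRequestBody(cfg, assertion) {
  return new URLSearchParams({
    grant_type: "urn:ietf:params:oauth:grant-type:jwt-bearer",
    assertion,
    client_id: cfg.clientId,
    client_secret: cfg.clientSecret,
  }).toString();
}

// Local self-check: verify the signature and decode header and claims.
function verifyAssertion(jwt, publicKey) {
  const [h, c, s] = jwt.split(".");
  const ok = crypto.verify("RSA-SHA256", Buffer.from(`${h}.${c}`), publicKey, Buffer.from(s, "base64url"));
  const decode = (part) => JSON.parse(Buffer.from(part, "base64url").toString("utf8"));
  return { ok, header: decode(h), claims: decode(c) };
}

// Constructed demo: throwaway key pair and placeholder IDs, no network call.
function demo() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync("rsa", { modulusLength: 2048 });
  const cfg = { clientId: "EXAMPLE_CLIENT_ID", clientSecret: "EXAMPLE_CLIENT_SECRET",
    publicKeyId: "EXAMPLEKID", subjectType: "enterprise", subjectId: "000000", privateKey };
  const jwt = buildBoxAssertion(cfg, 1700000000);
  return { cfg, jwt, check: verifyAssertion(jwt, publicKey), body: buildTokenRequestBody(cfg, jwt) };
}
```

Decoding the assertion locally with `verifyAssertion` before sending it is a quick way to confirm the claims and signature are formed as intended when the token endpoint returns an error.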