
Hi,

I have a web application that is integrated with Standard OAuth 2.0 (User Authentication). It works well. Now, however, I need to set up a workflow to access my personal BOX account directly, without performing the OAuth 2.0 authorization workflow, i.e. I need a 2-legged workflow instead of a 3-legged one.

In BOX, it sounds like OAuth 2.0 with JWT (Server Authentication) is what I am looking for. I have experience with other web services such as Dropbox. They have an endpoint such as:

{{base_url}}/authentication
POST
client_id: {{my_client_id}}
client_secret: {{my_client_secret}}
grant_type: client_credentials

However, when I tested it this way with BOX, the response returned the error:

{
"error": "unauthorized_client",
"error_description": "The \"box_subject_type\" value is unauthorized for this client_id"
}

Could you shed some light on whether 2-legged authentication is supported, or how to work with it?

Note: in the BOX account console, a static token is provided, but I wanted to generate the token in my application, instead of copying and pasting the static token.

Thank you!

Generate User Access Token is also enabled.

Hey, OAuth2 with JWT would be what you're looking for. You can see an overview of our Authentication models here:

https://developer.box.com/v2.0/docs/authentication

The best way to use that Auth type is by using an SDK and following our instructions here:

https://developer.box.com/v2.0/docs/authentication-with-jwt
https://developer.box.com/v2.0/page/sdks/
https://developer.box.com/v2.0/docs/app-users

If not using an SDK directly, our instructions for manually generating a JWT are here:

https://developer.box.com/v2.0/docs/construct-jwt-claim-manually

Take a look over those instructions and make sure you're formatting your request properly. Hope that helps!

Thanks,
Jason
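An added example, not part of the thread and not Box's own code: a pre-flight check for a hand-built JWT assertion, in the spirit of "make sure you're formatting your request properly". The rules it enforces (the `aud` URL, the `box_sub_type` values, the 60-second `exp` limit, the `jti` length and the RS256/RS384/RS512 algorithms) are assumptions taken from Box's JWT documentation and should be confirmed against the linked page; the function names and sample tokens are constructed for illustration.

```python
import base64, json, time

# Assumed from Box's JWT documentation; confirm against the linked page.
BOX_AUD = "https://api.box.com/oauth2/token"
ALLOWED_ALGS = ("RS256", "RS384", "RS512")
MAX_LIFETIME = 60  # seconds allowed between now and exp

def _decode(segment):
    """Decode one base64url JWT segment into a dict."""
    raw = base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))
    obj = json.loads(raw)
    if not isinstance(obj, dict):
        raise ValueError("segment is not a JSON object")
    return obj

def lint_box_assertion(token, client_id, now=None):
    """List formatting problems in a JWT assertion's header and claims.
    The signature is not verified here; the token endpoint does that."""
    now = time.time() if now is None else now
    parts = token.split(".")
    if len(parts) != 3:
        return ["not a three-part compact JWT"]
    try:
        header, claims = _decode(parts[0]), _decode(parts[1])
    except ValueError:
        return ["header or claims are not base64url-encoded JSON objects"]
    problems = []
    if header.get("alg") not in ALLOWED_ALGS:
        problems.append("alg must be RS256, RS384 or RS512")
    if not header.get("kid"):
        problems.append("kid (public key ID) missing from header")
    if claims.get("iss") != client_id:
        problems.append("iss must equal the client_id")
    if claims.get("aud") != BOX_AUD:
        problems.append("aud must be " + BOX_AUD)
    if claims.get("box_sub_type") not in ("enterprise", "user"):
        problems.append("box_sub_type must be 'enterprise' or 'user'")
    if not claims.get("sub"):
        problems.append("sub (enterprise or user ID) missing")
    if not 16 <= len(str(claims.get("jti", ""))) <= 128:
        problems.append("jti must be 16-128 characters")
    exp = claims.get("exp")
    if not isinstance(exp, (int, float)) or not now < exp <= now + MAX_LIFETIME:
        problems.append("exp must be in the future and at most 60 s away")
    return problems

def sample_token(header, claims):
    """Constructed, unsigned sample token (placeholder signature)."""
    enc = lambda o: base64.urlsafe_b64encode(json.dumps(o).encode()).rstrip(b"=").decode()
    return enc(header) + "." + enc(claims) + ".c2lnbmF0dXJl"
```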