Hi, I am testing box.com API functions with cURL and ran into issues. Here is the description of the steps i took.
First I created an app with Client Credential Grant auth method, and a test folder and file.
1) Using client_id/secret, and box_subject_type=user, I was able to get an access token from the token endpoint,
$ curl -i -k -X POST "https://api.box.com/oauth2/token" -H "Content-type: application/x-www-form-urlencoded" -d "grant_type=client_credentials" -d "box_subject_type=user" -d "box_subject_id=[USER_ID]" -d "client_id=[CLIENT_ID]" -d "client_secret=[CLIENT_SECRET]"
and then
2) using the access token I was able to see the test folder and its content - a test file with test id
curl -k -i -X GET "https://api.box.com/2.0/folders/[FOLDER_ID]" -H "Authorization: Bearer [ACCESS_TOKEN]"
I got a json string with the file id.
3) I then tried to use the same access token to download the file using the file id and ran into an insufficient permission error, but I was able to download the file from the web UI. I am the only user of the account
curl -k -i -X GET "https://api.box.com/2.0/files/[FILE_ID]/content" -H "Authorization: Bearer [ACCESS_TOKEN]" -L
Below is the error response:
HTTP/2 403
date: Thu, 23 Jun 2022 23:10:27 GMT
content-type: application/json
x-envoy-upstream-service-time: 162
box-request-id: 1724c11030aaec1fa9e264afb00aa8fc5
cache-control: no-cache, no-store
strict-transport-security: max-age=31536000
{"type":"error","status":403,"code":"access_denied_insufficient_permissions","help_url":"http:\/\/developers.box.com\/docs\/#errors","message":"Access denied - insufficient permission","request_id":"iarobjh3iytfa9bx"}
Can't figure out why. Appreciate any help!
