I am working on building an integration between Salesforce and Box. I am working out of an individual free tier account that has been given permissions to view files in a larger enterprise org. The primary admin has set up a Custom App with App Access Only, and the admin has also authorized the app.
When I use the client id/secret with client_credentials pointing to the user/service user id, I am getting the grant_credentials_invalid response. Does me being a individual free tier user prevent me from utilizing OAuth 2.0 Server Authentication?
For what its worth, from my dashboard I am (a) Not able to see the 'Authorization' tab (b) Not able to see an enterprise ID, its 0 and (c) Not able to see the Service User section. The primary admin can see all of these things.
The request looks something like this:
curl -i -X POST "https://api.box.com/oauth2/token" \
-H "Content-Type: application/x-www-form-urlencoded" \
-d "client_id=[CLIENT_ID]" \
-d "client_secret=[CLIENT_SECRET]" \
-d "grant_type=client_credentials" \
-d "box_subject_type=user" \
-d "box_subject_id=123456"