I am currently developing an application which gathers images from different sources. Some customers of mine have expressed interest in integrating my application to their box account. In the ideal world, the idea would be that the customer provides a box API key to my application that can be used to upload files to their box.
However, looking at the authentication documentation this seems not to be that straight forward.
- Client based Oauth2 authentication does not seem to be an option as the token expires every 10 minutes, besides, my application would require server side authentication as the uploads happen server-side. However, this seems to be the only authentication option that allows to upload files to the box of an existing box customer.
- Server-side authentication with JWT: Lets say I have created Box Application in the developer console and I have my config.json in place. How can a user allow my application to upload files to their box? If i understand well, this seems to be more oriented for business/enterprise management rather than for interacting with other user's accounts. I do not see how I could upload files to other user accounts.
- Server-side App Token is an authentication method where the application only has access to read and write data to its own account. So this won't work either.
So the question is: How can I authenticate server-side a user and upload files to their box?
Also, what type of pricing plan would the user require in order to allow the integration of my application into box? Am I also required to have a specific type of pricing plan in order to test my integrations?
Kind regards,
Jaime