Issue with co-admin's account file access

Question

Scenario 1: During folder creation by the Admin, attempts by the co-owner to access files via API using the "as-user" header result in a 403 error, regardless of user type (admin, co-admin, member).
Scenario 2:when the co-admin creates a folder and a member uploads a file to it, API calls (with the "as-user" header) function properly, allowing file retrieval.

While processing DLP events, we consistently include the "as-user": <user_id> header. However, Scenario 1 fails to comply with this setup. I'm investigating whether we can include the "as-user" header for Scenario 1 to align its implementation with Scenario 2 for consistency.

community-manager · Answer

Hi there,Welcome to Box Community and glad to assist!We suggest that you seek advice from our Developer team throughforum.box.com.Thanks for posting!

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded