I've created an .net core application that uses the Box API to provide a set of features.
The authentication is performed using jwt without sdk, as described here.
After authenticating, all requests to the Box API use the Token obtained in the authentication process.
All Box Api endpoints i tried are working correctly, as the endpoints for Folders, Files, Metadata, etc.
The latest Api endpoint i tried to use was the List recently accessed items, documented here.
For some reason that i'm not understanding, when using the same Token that provides access to all API endpoints i tried as Folders, Files, Metadata, etc, the 2.0/recent_items endpoint, returns a 403 Forbidden error.
Here the details of a request to the endpoint.
GET /2.0/recent_items HTTP/1.1
Host: api.box.com
Authorization: Bearer xYjRMUwfEqlimbIQbglDBlBu1OKbd---
The response:
403 Forbidden
Date: Sat, 08 Feb 2020 21:49:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
BOX-REQUEST-ID: 1ff7f21bace5e2b5684208244542e8154
When using the exact same Token for a different endpoint, everything works as expected, for example:
GET /2.0/folders/0/items HTTP/1.1
Host: api.box.com
Authorization: Bearer xYjRMUwfEqlimbIQbglDBlBu1OKbd---
The Response:
200 OK
Date: Sat, 08 Feb 2020 21:51:39 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store
Vary: Accept-Encoding
BOX-REQUEST-ID: 0fc1d76e650d40ea4b8397ac98ffbfee8
The documentation does not suggest anything specific regarding Authorization.
Is there anything missing on the documentation, something i need to configure, etc?
What am i missing, and why is it not working?
Thank you very much!