Skip to main content
Question

Windows/.NET Core Console + OAuth2 (Username + Password)

  • May 22, 2025
  • 2 replies
  • 28 views
C
Forum|alt.badge.img

I have a simple app that is working so far using the Developer token. It can traverse the Box directory tree and download files from specific folders.

I haven't seen (either in the included examples or tests) a way to do Username/Password based authentication (OAuth2). I've looked at the AuthRepository class, but it doesn't seem to do what I'm looking to do--receive back an authentication token (and OAuth session) from a supplied Username/Password.

This app will be used by other people to download files from several of their own Box folders (based on the business logic), and so authenticating them using their Box Username and Password is required.


I'm using the .NET Core (V2) SDK, building a simple Windows Console application to do this. 
I can't use batch scripts + simple CLI for this, and I'm not going to implement a web-based solution--it is supposed to be desktop.

Any help would be greatly appreciated.


Thank you
Chad.

    2 replies

    C
    Forum|alt.badge.img

    This is the part that is flummoxing me--the requirement to provide some sort of web-service endpoint as a callback for the auth service:

    var config = new BoxConfig("CLIENT_ID", "CLIENT_SECRET", new System.Uri("YOUR_REDIRECT_URL"));

     

    I don't want to roll a web service just to receive an OAuth 2 session in return; I'd like to be able to handle this in a desktop application via some kind of callback. 

    If that's not possible, please let me know so I can discuss this with the people passing down the requirement.


    Thank you!

    Chad.

    C
    Forum|alt.badge.img

    I'm going to post this as the solution, even though it would be nice to have a way to authenticate to Box using .NET and our own UI widgets.

    What I did instead of trying to use OAuth2 with the redirect_uri was to use the JWTToken method. This does allow you to authenticate to the Admin account and then switch to a user account. Done out of a console window Windows application. 

     

    This works fine. Remember to go to the Admin panel and to authorize the Box app--using the "Client ID". 

    To be fully clear, the reason the redirect_Uri wasn't right for my solution was that it would have needed an HTTPS endpoint to receive the auth code back from Box. I started down that path (using Web API), but soon realized that in order to get back to the desktop app it would have been way too much work--the code wanted to live in the Web API project.

    IF--on the other hand--someday Box decides to provide a way for people to bring up their own credentials challenge box (Username/Password) that would be a way to allow developers to use the full OAuth2 authentication path from a desktop application.

    Hope that helps someone.

    Terms of ServiceAccessibility statement