App User- can I share data with regular users?
Answered
I'm hoping to build a small program to upload files to a folder. I need to allow collaborators to see the files and download them... even delete them, if necessary. The app will run unattended on a schedule, so I think App User using OAuth2 with JWT authentication would be correct. However, docs indicate that files created by this App User may not be accessible to others. Can I alter that? Change folder permissions and add Collaborators, for example? I'd like to know before going through all the work only to find out I'm at a dead end.
-
Hey ,
Thanks for your message! Your authentication method would be perfect for the unattended use case. Regular box users should not be restricted from viewing any content created or owned by app users, as long as you've added the box users as collaborators.
Realistically, the only difference between an app user and a normal box user is that you can't log in with an app user via the web application. You can only interact with it through the API. Otherwise, everything else works the same - you can add users as collaborators, you can generate shared links, so on and so forth.
Do you mind linking to the area in our docs where we might be suggesting a restriction? Definitely want to get that cleared up if it's misleading somewhere!
Thanks,
Jason
-
I'd love to accept this as the answer, but the Community site forced me to "complete my profile" a second time and made me an entirely different user! I submitted a ticket to try and fix it. We'll see.
This is the page that made me wonder if I might have trouble:
https://developer.box.com/docs/authentication-types-and-security#section-when-to-use
Seemed to imply there might be an issue. How about:
Note: Nothing prevents an App User from assigning collaborators who can then access
folders and files created by an App User, but App Users will not have access to files
created by others users (unless explicitly granted??)
Please sign in to leave a comment.
Comments
2 comments