Welcome to the new Box Support website. Check out all the details here on what’s changed.

Impersonating a user - are they actually an admin user?

Answered
New post

Comments

2 comments

  • bettaio

     as far as I know this should work. What kind of error are you getting when trying to act as another user?

    0
    Comment actions Permalink
  • JohnSmiths

    Unfortunately, I was looking at it completely incorrectly. I'm not sure if the docs on this are clear or if it's just me.

     

    I was always under the impression that admin users were the only ones that can be impersonated with using JWT auth. As I was authenticating as the service account and impersonating them successfully but not normal managed users. 

     

    Turns out, you can authenticate (not impersonate) as an admin user and then impersonate (As-user) a normal managed user absolutely fine. A further spanner in the works was "restrict content creation" which made it appear as if I was unauthorised to impersonate (403 errors?) rather than what should probably be a validation error? 

     

    https://community.box.com/t5/Platform-and-Development-Forum/API-As-User-or-Client-token-Creating-Root-parentID-0-folders-403/m-p/31873#M1836

     

    Thanks for making me look at it from a fresh angle though, it was quite difficult to work with for a while. 

    0
    Comment actions Permalink

Please sign in to leave a comment.