Python SDK with JWT Auth to get EventLogs
I am trying to integrate Box admin logs with our SIEM solution for a client. I am trying to pull the event (admin) logs using box-python-sdk. I have tried two different methods as follows:
def get_sdk(): sdk = JWTAuth(client_id="", client_secret="", enterprise_id="", jwt_key_id="", rsa_private_key_file_sys_path="rsa_private_key.ppk", rsa_private_key_passphrase=b"", ) return sdk def method_1_get_token(): sdk = get_sdk() sdk = sdk._auth_with_jwt("", 'user') client = Client(sdk) events = client.events().get_events() print(dir(events)) print(events) def method_2_get_token(): sdk = get_sdk() client = Client(sdk) user = client.user(user_id="").get() client = client.as_user(user) events = client.events().get_events() print(dir(events)) print(events)
Both are returning different error messages.
method_1_get_token returns the exception:
Message: b'{"error":"invalid_request","error_description":"Cannot obtain token based on the enterprise configuration for your app"}' Status: 400 URL: https://api.box.com/oauth2/token Method: POST
method_2_get_token return the exception:
Message: Access denied - insufficient permission Status: 403 Code: access_denied_insufficient_permissions Request id: u9o2chfu9ii7lxe4 Headers: {'BOX-REQUEST-ID': '0am8fu2al2d6rrvs2gfjfhdaipe', 'Content-Encoding': 'gzip', 'Strict-Transport-Security': 'max-age=31536000', 'Cache-Control': 'no-cache, no-store', 'Date': 'Tue, 14 Aug 2018 12:40:57 GMT', 'Age': '0', 'Content-Type': 'application/json', 'Transfer-Encoding': 'chunked', 'Vary': 'Accept-Encoding', 'Connection': 'keep-alive'} URL: https://api.box.com/2.0/events Method: GET Context info: None
The client has enabled the app scope 'Manage enterprise properties' and the App access is set to 'Enterprise'
Any help will be greater appreciated.
-
Hello,
Thanks so much for using our platform and development forum!
For method 2 I'm seeing the following in our backend logs: "Missing+permissions+user_api_act_as_user". Have you enabled the as-user header in the developer console? After you enabled this did you re-authorize your application in the admin console?
If so, it would be best if you could open a ticket with all this information and your API key so we can help you further investigate!
Best,
Kourtney
Please sign in to leave a comment.
Comments
1 comment