
Restrict application access to a specific folder

Answered

Comments

3 comments

  • jcleblanc

    Hi ,

     

    Let me see if I can provide some more detail. If you create a JWT/OAuth application, that will generate what is called a service account to represent the application. Here's where things get a little tricky:

    • If you follow these directions you will authenticate as the application, and all files / folders that are created will only be created within your application. The service account does not have any ability to access files from other users unless you collaborate the service account in on the file / folder. 
    • If you want to access files / folders within app users that you create from the application, then you would follow these guidelines. This would allow you to upload / manage files / folders for the user that you create a token for.

     

    In short, by default, your JWT application will only be able to access files and folders within the application. 

     

    If you want to further restrict the access token created for the service account, you can potentially use the downscope token capability, and if you use the base upload scope that should give you the restriction to just upload to a single folder that you may need.

     

    Hope that helps,

    Jon 

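An added example, not part of the reply above and not Box's own code: a sketch of the downscope (token exchange) request for the `base_upload` scope on a single folder, with a check that the returned token really is limited to that folder. The function names, the sample response and the `restricted_to` response shape are assumptions made for this illustration.

```python
import json
import urllib.parse
import urllib.request

TOKEN_URL = "https://api.box.com/oauth2/token"
TOKEN_TYPE = "urn:ietf:params:oauth:token-type:access_token"
GRANT_TYPE = "urn:ietf:params:oauth:grant-type:token-exchange"

# Constructed sample response (shape assumed), used for offline checks only.
SAMPLE_RESPONSE = {
    "access_token": "CONSTRUCTED_CHILD_TOKEN",
    "restricted_to": [{"scope": "base_upload",
                       "object": {"type": "folder", "id": "12345"}}],
}

def build_downscope_request(parent_token, folder_id, scopes=("base_upload",)):
    """Build (but do not send) the token-exchange request for one folder."""
    fid = str(folder_id)
    if not (fid.isascii() and fid.isdigit()):
        raise ValueError("folder_id must be a numeric Box folder ID")
    if not scopes:
        raise ValueError("at least one scope is required")
    form = {
        "grant_type": GRANT_TYPE,
        "subject_token": parent_token,      # the service account's token
        "subject_token_type": TOKEN_TYPE,
        "scope": " ".join(scopes),
        "resource": f"https://api.box.com/2.0/folders/{fid}",
    }
    body = urllib.parse.urlencode(form).encode()
    return urllib.request.Request(TOKEN_URL, data=body, method="POST")

def check_restriction(token_response, folder_id, scopes=("base_upload",)):
    """Return the child token only if it is limited to the folder and scopes."""
    granted = token_response.get("restricted_to") or []
    if not granted:
        raise ValueError("token is not restricted to any resource")
    for entry in granted:
        obj = entry.get("object", {})
        if obj.get("type") != "folder" or str(obj.get("id")) != str(folder_id):
            raise ValueError("token covers a resource other than the folder")
        if entry.get("scope") not in scopes:
            raise ValueError("token carries a scope that was not requested")
    return token_response["access_token"]

def downscope(parent_token, folder_id, scopes=("base_upload",)):
    """Exchange the parent token and verify what came back before using it."""
    req = build_downscope_request(parent_token, folder_id, scopes)
    with urllib.request.urlopen(req, timeout=10) as resp:
        return check_restriction(json.load(resp), folder_id, scopes)
```

Only the token returned by `check_restriction` should be handed to a client; the parent service-account token stays on the server.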
  • Qmerit_Dev

    Hi ,

     

    What I wasn't aware of was the fact that when your app is added to a Box account, an automationuser is generated. This automationuser is able to be associated with groups that could then be granted collaboration access.

     

    This was perfect because it allowed us to remove all authorization scopes other than read folder access to guarantee security for our customers.

     

    Thanks!

  • ygao

    Hey Jon, this is fantastic, thanks. Exactly what I was looking for, and allows me to move forward with my app.

