Restricting JWT App to Certain Folders

  • cbetta

    Hi, your first instinct was totally right.

     

    An application with "read/write" permissions has the permission to read and write to files/folders that it either owns, or has been collaborated into. As such, it is already restricted, and downscoping is not really needed. 

  • thomastaylorjr

    Thanks! If that's the case, is the purpose for downscoping to limit access to specific subfolders? 

  • cbetta

    Downscoping is useful for many reasons, but it's mainly used by our Box UI Elements and Box Skills products. In Box UI Elements the access token is shared with a frontend UI, so restricting it to some exact permissions and a specific file/folder is essential, as the token is shared with anyone who can see the UI.

  • cbetta

    Some more info on Box UI Elements: https://developer.box.com/docs/box-ui-elements

  • thomastaylorjr

    Gotcha, I did remember seeing that in the documentation. Thanks for all your help! I will make sure to accept your answer!

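The downscoping discussed in this thread, as an added example that is not part of the original posts or Box's own code: a server-side helper that builds the token-exchange request for a token safe to hand to a frontend, limited to named scopes and one file or folder. The scope allow-list, the helper names, the placeholder token and the folder ID are assumptions made for illustration.

```python
from urllib.parse import urlencode

TOKEN_URL = "https://api.box.com/oauth2/token"
API_BASE = "https://api.box.com/2.0"

# Assumption: the scopes this hypothetical app is willing to expose to a browser.
FRONTEND_SCOPES = frozenset({"base_preview", "item_preview", "item_download", "item_upload"})


def build_downscope_fields(parent_token, scopes, item_type, item_id):
    """Return the form fields for a token-exchange request limited to one item."""
    scopes = list(scopes)
    if not scopes:
        raise ValueError("at least one scope is required")
    too_broad = sorted(set(scopes) - FRONTEND_SCOPES)
    if too_broad:
        raise ValueError(f"scope not allowed for a frontend token: {too_broad}")
    if item_type not in ("files", "folders"):
        raise ValueError("item_type must be 'files' or 'folders'")
    item_id = str(item_id)
    if not (item_id.isascii() and item_id.isdigit()):
        raise ValueError("item_id must be numeric")
    if item_type == "folders" and int(item_id) == 0:
        # Folder 0 is the root folder; scoping to it would not narrow anything.
        raise ValueError("refusing to scope a frontend token to the root folder")
    return {
        "grant_type": "urn:ietf:params:oauth:grant-type:token-exchange",
        "subject_token": parent_token,  # the app's full token, never sent to the UI
        "subject_token_type": "urn:ietf:params:oauth:token-type:access_token",
        "scope": " ".join(scopes),
        "resource": f"{API_BASE}/{item_type}/{item_id}",
    }


def encode_form(fields):
    """URL-encode the fields as the body of a POST to TOKEN_URL."""
    return urlencode(fields)


if __name__ == "__main__":
    # Constructed sample values; nothing is sent over the network.
    fields = build_downscope_fields(
        "PARENT_TOKEN_PLACEHOLDER", ["base_preview", "item_preview"], "folders", 12345
    )
    print("POST", TOKEN_URL)
    print(encode_form(fields))
```

Only the access token returned by this exchange goes to the UI; the parent token stays on the server.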
