What authentication style should I use for my application?
I'm working on building a web application that will allow a user to kick off the uploading of a large set of files into Box, and I want the uploaded files to belong to the person who requested the upload job. I want it to work in the background even after the user leaves.
Does that sound like something that could be done with the normal 3-legged Oauth, or should I use Oauth/JWT for a service instead?
-
Generally, if there is a Managed User involved, 3-legged OAuth2 should be used. If there are App Users or Service Accounts involved, OAuth2 with JWT should be used.
To better advise you, I need a little bit more information about your use case. Will these files be accessible to a Managed User in the Box web app?
Please sign in to leave a comment.
Comments
1 comment