Skip to main content
Question

Confusion about creating an App User with the box-node-sdk

  • May 21, 2025
  • 4 replies
  • 17 views
C
Forum|alt.badge.img

Hello,

I'm very new to the development with node.js and the Box API - so please don't hit me if I ask very stupid or basic questions.

I read the tutorials about setting up the application, getting the enterprise access token and creating an app user. In the tutorial about authentication using JWT I found this:

 

"Fortunately, there are many libraries available for easily constructing the JWT assertion. These can be found here. Our SDKs also provide methods that will handle authentication with JWT."

 

So I used the box-node-sdk for my first tests. In the documentation of the sdk I found "getAppAuthClient". I used it like shown in the example, but now I do not now how to proceed. I have many questions and I don't seem to find them in the documentation. For example:

 

  1. Does the AppAuthClient handle the constructing and use of the JWT assertion?
  2. Where do I find the access_token after creating the AppAuthClient?
  3. How do I proceed to create an App User? I don't see a method for that in then SDK and to youse the restful API I need the access token.

Is there maybe some example code of a node application using the authentication with JWT? That would be a great help. Right now I'm on the verge of retreating from using the sdk and do it manually like the tutorial demonstrated. But I would really like to use it.

 

I'm thankful for any help you can give me. 

Thank you.

    4 replies

    C
    Forum|alt.badge.img

    It was confusing to me too.

     

    So basically, I did this:

    1.  Steps 1-3 of https://docs.box.com/docs/app-auth

    2.  I didn't try to create the jwt assertion manually - I used the sdk. 

    3.  Then I ran the app: https://github.com/kendomen/BoxJavaJWTExamples/blob/master/src/com/nike/box/CreateAppUser.java

     

    C
    Forum|alt.badge.img

    I solved it directly through box-node-sdk. While there is no "add app user" api call (e.g. like client.users.add), they do provide generic calls. So I used it like this:

     

    client.post('/users', {body: {name: "App User Name", "is_platform_access_only": true}}, function(err, response) {

        if (!err) {
            console.log("User create:");
            console.log(response.body);
        } else {
            console.log("Error creating user");
        }

    });

    I authenticated like this:

     

    var sdk = new BoxSDK({
    clientID: 'CLIENT_ID',
    clientSecret: 'CLIENT_SECRET',
    appAuth: {
    keyID: 'KEY_ID',
    privateKey: 'PRIVATE_KEY',
    passphrase: 'PRIVATE_PASS'
        }
    });

    client = sdk.getAppAuthClient('enterprise', 'ENTERPRISE_ID');

     CLIENT_ID, CLIENT_SECRET and ENTERPRISE_ID from the Box portal, while KEY_ID, PRIVATE_KEY and PRIVATE_PASS is from creating the RSA keypair. PRIVATE_KEY is the whole .pem file and KEY_ID is from the Box-portal.

    C
    Forum|alt.badge.img

    Thank you so much! This did the trick.

     

    Something to keep in mind: The setting for "Application Access" needs to be set to 'Enterprise' for this to work.  If you change the setting, you'll need to re-authorize the App in your enterprise.

    C
    Forum|alt.badge.img

    How can we do this with JWT without SDK? switch to another user , any sample code will be appreciated.

    Terms & ConditionsCookie settingsAccessibility statement