Invalid state from server:Possible forgery error is occurring after clicking the grant button but able to get the access token, please suggest how to resolve the issue

Hi there,

Seems like you are on the right track here.

If you have access token now, just use it to call the Box API. follow this link here for all reference:   https://developer.box.com/v2.0/reference

For instance to get the file info, you would do this in your language of choice.

curl https://api.box.com/2.0/files/FILE_ID

-H "Authorization: Bearer ACCESS_TOKEN

You basically pass Access tokens in the header portion of the request.

headers.append('Authorization', 'Bearer ');  - something like this

Or just use "postman" tool from Google which is the best to do any API testing. You can even download all Box API bundle for Postman form here: https://developer.box.com/v2.0/docs/box-postman-collection

hope this helped.

thanks, 

Bibek

Thank You Bibek for your reply,

  but here i would like to open the box service in a browser without getting login page using access token, so i would like to have the URL through which we can pass access token to open the webpage https://box.com/home without asking for login again

Hello there,

Once you have got access token with the specific user, it doesn't need to login again provided that the access token is still valid. But if the token is not valid, you need to request a new token using the CURRENT refresh token. This way you don' t need to login again.

Now, you must "store" the current valid authentication tokens (access/ refresh) in a persistent store like Registry, Keychain or even XML file/text file  etc. to use it next time. So, each time the user opens up the app, it gets the access token from the file and refresh it if it is expired for fresh tokens using the stored "refresh token" and save the updated one. 

Please look at this OAuth section for more details: https://developer.box.com/v2.0/reference#oauth-2-overview

Hope this was helpful.

thanks, 

Bibek