Creation of actor token -- Cannot use due to Box policy

Question

Hi,I'm testing the API of Box and I want to test the annotation feature. I can do annotations with the application user but when I want to create an actor token as described in the API documentation, the serveur return a 400 error : {"error":"invalid_request","error_description":"Your app cannot use \"actor_token\" due to Box policy"} Could you explain me which policies are taken in account in this case and the code/configuration to use annotations features (with actor token) ? Regards, Ludovic SMADJA --- Here's the content of the requestdata[0] = new NameValuePair("subject_token",accessToken);
data[1] = new NameValuePair("subject_token_type", "urn:ietf:params:oauth:token-type:access_token");
data[2] = new NameValuePair("scope", "item_preview");
data[3] = new NameValuePair("resource", "https://api.box.com/2.0/files/"+boxId);
data[4] = new NameValuePair("grant_type", "urn:ietf:params:oauth:grant-type:token-exchange");
data[5] = new NameValuePair("actor_token", assertion);
data[6] = new NameValuePair("actor_token_type", "urn:ietf:params:oauth:token-type:id_token"); The assertion added to this request  is :  wtClaims claims = new JwtClaims();
claims.setIssuer(clientID);
claims.setAudience(JWT_AUDIENCE);
claims.setExpirationTimeMinutesInTheFuture(0.9f);
claims.setSubject("j_2");
claims.setClaim("box_sub_type", "external");
claims.setClaim("name", "My name for annotation");
claims.setGeneratedJwtId(64);

community-manager · Answer

Hi,I'm also facing the same issue,can you please help if you have the solution.Please check the below ticket i have raised in box support forum.https://support.box.com/hc/en-us/community/posts/6664107295635-Error-while-calling-token-API-Error-preview-Your-app-cannot-use-actor-token-due-to-Box-policyThanks.

Creation of actor token --> Cannot use due to Box policy

2 replies

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded