Is there any setting required to check the contents of a specific employee's folder instead of the contents of the service account?

Hello, this is Yane.

My boss instructed me to use the BOX API to create a folder under a specific employee’s folder, and to create an application to check the contents of the folder.

Is there any setting required to check the contents of a specific employee’s folder instead of the contents of the service account?
Or should I just code in the API?
Can you tell me please.

I know that I can get the items in the service account folder by running the following python code.

items = client.folder(folder_id=‘22222’).get_items()
for items in items:
print(f’{item.type.capitalize()} {} is named “{}”')

Hi @nobuhiro_yane

If I’m understanding correctly yes for sure.
Box has the concept of the as-user header, where a service account can impersonate any user as long as it is configured to do so from a security perspective.

So here is a python example (assuming a JWT app):

from boxsdk import JWTAuth, Client

def main():
    auth = JWTAuth.from_settings_file(".jwt.config.json")
    client = Client(auth)
    user = client.user().get()
    print(f"Hello, {}! ({user.login})")

    # as user client
    rb_user = client.user(user_id="18622116055")
    as_user = client.as_user(rb_user)

    user = as_user.user().get()
    print(f"Hello, {}! ({user.login})")

if __name__ == "__main__":

This example assumes a JWT app configured as:


Please note if you change the configurations of your app then it needs to be re-submitted for approval by your admin.

Let us know if this helps.


1 Like

Hello, this is Yane.

thank you. It was helpful.
I will try it once.

Hello, this is Yane.
Thank you for contacting us.
Safely, I came to the process with JWT authentication.

Please tell me one more thing.
In this example, the authentication method in the JWT app,
Can the same work be done with authentication with the CCGAuth app?

It would be very helpful if you could attach the settings in that case and a screenshot of the python code.

If you could teach me, it’ll helps a lot.

Hi Yane (@nobuhiro_yane )

For the service account it works the same way. For example my CCG app config is:

(I have all permissions selected)

Then you need to create a CCGAuth object:

def ccg_from_enterprise_config(config: AppConfig) -> CCGAuth:
    Returns a boxsdk CCGAuth object
    from the configuration file
    return CCGAuth(

The AppConfig you see above just reads from a .env file, you’ll need the client id, client secret, and the enterprise id (in the env file represented as box_subject_id).

Then I have a method that returns a client:

def get_ccg_enterprise_client(config: AppConfig, as_user_id: str = None) -> Client:
    """Returns a boxsdk Client object"""

    auth = ccg_from_enterprise_config(config)
    client = Client(auth)

    if as_user_id:
        as_user = client.user(user_id=as_user_id).get()
        return client.as_user(as_user)

    return client

Finally the looks like this:

import logging
from app.config import AppConfig

from app.box_client import get_ccg_enterprise_client


conf = AppConfig()

def main():
    Simple script to demonstrate how to use the Box SDK
    with CCG authentication

    client = get_ccg_enterprise_client(conf)

    user = client.user().get()
    print(f"Logged in as {}")

    client_as_user = get_ccg_enterprise_client(conf, as_user_id="18622116055")
    as_user = client_as_user.user().get()
    print(f"Acting as {}")

if __name__ == "__main__":

and the result is:

Logged in as CCG
Acting as Rui Barbosa

Let us know if this helps


1 Like

Hello, this is Yane.

thank you for your advice
It looks like it will be very helpful. I will try it once.

I will share the results separately.