Limit OAuth 2.0 to specific folder_id during authorization

Hi there,

I would like to know is it possible to limit the OAuth authorization to specific folder much like how the scopes parameter works:

Hey -

Thanks for posting on the forum! I don’t think so…at least not in that way since OAuth 2.0 is meant to basically provide access to any content you have access to… but I could be wrong. I’ve never tried. Let me confirm with some folks and report back.

I know you can downscope a token - which may suit your needs better. Checkout this guide for instructions on that!

Alex, Box Developer Advocate

It does seem like there is some functionality to do this… but it is not in our documentation. Let me know if you have any issues using it in practice.


Hi there,

Thank you for providing me feedback, I’ll and it and see how it goes from there.