Not able to generate access token

Hi there, this is expected.

It all depends on which user are you authenticating with CCG. Note the small print where it says

Access to content is further restricted by the users’ permission and Access Token used.

Here are some scenarios.

Using:

  • box_subject_type = enterprise
  • box_subject_id = 877840855
curl --location 'https://api.box.com/2.0/users/me?fields=id%2Ctype%2Cname' \
--header 'Authorization: Bearer j5...Vg' \

Outputs

{
    "type": "user",
    "id": "20706451735",
    "name": "CCG"
}

and the root folder items:

curl --location 'https://api.box.com/2.0/folders/0/items' \
--header 'Authorization: Bearer j5...Vg' \

outputs:

{
    "total_count": 0,
    "entries": [],
    "offset": 0,
    "limit": 100,
    "order": [
        {
            "by": "type",
            "direction": "ASC"
        },
        {
            "by": "name",
            "direction": "ASC"
        }
    ]
}

This means the service user CCG has no files in their root folder.

Any account wont be able to see content from another account unless it has been explicitly shared between them.

However service account have a super power, they can impersonate another managed user.
You can do this 2 ways, use the as-user header to impersonate another user, or login directly with that user, if you have these configurations active:

Let’s start with the `as-user’:

curl --location 'https://api.box.com/2.0/users/me?fields=id%2Ctype%2Cname' \
--header 'as-user: 18622116055' \
--header 'Authorization: Bearer j5...Vg' \

Outputs:

{
    "type": "user",
    "id": "18622116055",
    "name": "Rui Barbosa"
}

Listing root folder items:

curl --location 'https://api.box.com/2.0/folders/0/items?fields=id%2Ctype%2Cname' \
--header 'as-user: 18622116055' \
--header 'Authorization: Bearer j5Vg' \

Outputs:

{
    "total_count": 31,
    "entries": [
        {
            "type": "folder",
            "id": "220421706333",
            "etag": "0",
            "name": "A_Class"
        },
        ...
        {
            "type": "file",
            "id": "1010742636771",
            "etag": "1",
            "name": "This is a box note.boxnote"
        },
        {
            "type": "web_link",
            "id": "22625801630",
            "etag": "0",
            "name": "Shared Folder - GBP Order Forms"
        }
    ],
    "offset": 0,
    "limit": 100,
    "order": [
        {
            "by": "type",
            "direction": "ASC"
        },
        {
            "by": "name",
            "direction": "ASC"
        }
    ]
}

Similar results can be obtained if you get the token for the CCG app using:

  • box_subject_type = user
  • box_subject_id = 18622116055
curl --location 'https://api.box.com/2.0/users/me?fields=id%2Ctype%2Cname' \
--header 'Authorization: Bearer Maf...cpY'

Outputs:

{
    "type": "user",
    "id": "18622116055",
    "name": "Rui Barbosa"
}

If you are using one of our SDK’s, they have built in support for both the as-user and the box_subject_type

Let us know if this helps, cheers!