Using Box Access Token to make API calls

Hello all,

Currently, I’m trying to utilize Box to upload/download documents using Nodejs on the backend to do this. From my understanding, I would need to get an access/bearer token (from: - which I’m able to do using Client ID and Client Secret, and once I have the the bearer token I can make API calls as needed. However, I’m trying to test a few of the API calls using postman and receiving an error when doing it this way.

As an example, to list the current items in a folder I’m making a GET request in Postman to:
where I’m setting :folder_id to 0. I receive this error that says:

    "type": "error",
    "status": 404,
    "code": "not_found",
    "context_info": {
        "errors": [
                "reason": "invalid_parameter",
                "name": "folder",
                "message": "Invalid value 'd_215579098453'. 'folder' with value 'd_215579098453' not found"
    "help_url": "",
    "message": "Not Found",
    "request_id": "abwx8lhfsfc7twmm"

(This call shows folder id with id: 215579098453, but same error is present with 0).

Additionally, other API calls result in a similar error. My question would be are there other things I need to do/enable to get this functionality to work? Is my understanding correct of how the API calls would be able to work?


Thanks for posting on the forum. My peer Olga recently published a great article on our Medium site discussing Box + Node + OAuth 2.0. You can check that out here! Make sure to follow our Blog because we post content every Tuesday.

Using Postman with OAuth 2.0 is a bit tricky, because you have to use a web browser to exchange the code super quickly. I always recommend using a developer token instead.

You can find more info on using OAuth 2.0 with sdks in our guides or checkout the SDK code examples directly.

Box Developer Advocate