Hi @sarin-vt
At face value I can’t find a justification for this behavior, let’s try to identify it.
Check if there are differences between permissions, collaborations and shared links.
For example:
curl --location 'https://api.box.com/2.0/files/1545165688368?fields=id%2Ctype%2Cname%2Cpermissions%2Cshared_link' \
--header 'Authorization: Bearer wc...rt'
{
"type": "file",
"id": "1545165688368",
"etag": "1",
"name": "25m_file.bin",
"permissions": {
"can_download": true,
"can_preview": true,
"can_upload": true,
"can_comment": true,
"can_rename": true,
"can_delete": true,
"can_share": true,
"can_set_share_access": true,
"can_invite_collaborator": true,
"can_annotate": false,
"can_view_annotations_all": true,
"can_view_annotations_self": true,
"can_create_annotations": false,
"can_view_annotations": false
},
"shared_link": {
"url": "https://app.box.com/s/5gii2vftdn9gcse5s8054llq6lo9aczn",
"download_url": "https://app.box.com/shared/static/5gii2vftdn9gcse5s8054llq6lo9aczn.bin",
"vanity_url": null,
"vanity_name": null,
"effective_access": "collaborators",
"effective_permission": "can_preview",
"is_password_enabled": false,
"unshared_at": null,
"download_count": 0,
"preview_count": 0,
"access": "collaborators",
"permissions": {
"can_preview": true,
"can_download": false,
"can_edit": false
}
}
}
curl --location 'https://api.box.com/2.0/files/1545165688368/collaborations' \
--header 'Authorization: Bearer wc...rt'
{
"next_marker": "",
"previous_marker": "",
"entries": [
{
"type": "collaboration",
"id": "54322446561",
"created_by": {
"type": "user",
"id": "18622116055",
"name": "Rui Barbosa",
"login": "barduinor@gmail.com"
},
"created_at": "2024-05-30T07:52:38-07:00",
"modified_at": "2024-05-30T07:52:38-07:00",
"expires_at": null,
"status": "accepted",
"accessible_by": {
"type": "user",
"id": "22240548078",
"name": "Investment User",
"login": "barduinor+inv@gmail.com"
},
"invite_email": null,
"role": "editor",
"acknowledged_at": "2024-05-30T07:52:38-07:00",
"item": {
"type": "file",
"id": "1545165688368",
"file_version": {
"type": "file_version",
"id": "1697405049168",
"sha1": "ab11ba8a4e5595183c12ada6869713ff826d20d7"
},
"sequence_id": "1",
"etag": "1",
"sha1": "ab11ba8a4e5595183c12ada6869713ff826d20d7",
"name": "25m_file.bin"
},
"is_access_only": false,
"app_item": null
}
]
}
And the same for the parent folder.
I suspect somewhere the collaboration or share permissions are stircter, but because you are the owner of the file, then you can still upload it.
I could also be related with the the web app integration or the scope of the token, but the token should have full permissions by now, from our last conversation.
Anyway I was not able to replicate your situation.