Configure Box.com tokens
This topic explains how to configure Box.com authorization, access, and refresh tokens for the Box.com V2 connector.
Managed Fusion supports two methods of authentication with the Box API:
-
JSON Web Token (JWT)
-
OAuth2
Box app users using JWT
Box.com provides the Box Developer Edition, which lets a user access an application without having to create their own Box account.
App Auth uses the JSON Web Token (JWT) authentication architecture to establish a trusted connection with Box, allowing an application to provision and manage a Box account while minimizing the number of logins for a user and authentication services to manage.
Managed Fusion requires the following inputs to crawl your Box data.
Required options are highlighted.
UI Label, API Name |
Description |
---|---|
JWT App User ID |
The Developer Edition API App User ID to use in the crawl. |
JWT Public Key ID |
The public key prefix registered in Box Auth used for authentication. |
JWT Private Key |
Base64-encoded JWT private key for the app user for authentication. |
JWT Private Key File Path |
Path to the JWT private key file for the app user for authentication. |
JWT Private Key File Password |
The password that secures the public key. |
The biggest advantage to using the JWT App Auth Users approach is that you do not have to generate new refresh tokens. The public/private key file combination remain valid indefinitely. |
Authentication using OAuth 2.0
For limited testing using a single user account, you can create a Box app that uses Standard OAuth 2.0 authentication.
-
Access the Box Developers web portal and enter your Box developer account as the Admin.
-
Click Log In.
-
Open the page for creating a new app and click Create New App.
-
Click Custom App, and then click Next.
-
Click Standard OAuth 2.0 (User Authentication), and then click Next.
-
Name your app, and then click Create App. The name must be globally unique across all apps created by all Box users.
-
Click View Your App.
-
On the Configuration page, complete the following:
-
Click the Authentication Method Standard OAuth 2.0 (User Authentication).
-
Set the Redirect URI to
http://localhost
orhttp://0.0.0.0
. This address is not used by Managed Fusion, but cannot be left blank. -
Click Save Changes.
-