Creating a Box App
JWT Application Creation
- If using Java 8, JWT Authentication requires the installation of the Java Cryptography Extension.
- Ensure your account has 2-step verification enabled.
- Navigate to the Developers Console (link)
- Choose Create New App
- Select Custom App
- Box Cloud Custom App
- Select Server Authentication (with JWT).
- NOTE
- Box removed the ability to change this selection early in 2021, so this choice is permanent.
- Box Cloud Authentication Method
- TIP
- In your applications you should see Service Account Info. The Service Account ID is the service user’s email address and must be a collaborator on any folder you wish to migration
- Under the Configuration tab in App Access Level, select the enterprise setting
- Box Cloud App Access Level
- In Application Scopes make sure both Content Actions are checked
- In Advanced Features, check both options
- Box Cloud App Advanced Features
- Click on Generate a Public/Private Key pair
- Open the file provided. It should take the following form
- {
- “boxAppSettings”: {
- “clientID”: “”,
- “clientSecret”: “”,
- “appAuth”: {
- “publicKeyID”: “”,
- “privateKey”: “”,
- “passphrase”: “”
- }
- },
- “enterpriseID”: “”
- }
- Take the entire value of the private key and save it to a separate file. This will be your private key file.
- The information in this config file can be used to fill in the fields of aBox Integration Connection.
- Alternatively, you can use the file to create a JWT Authentication Connector.
- To authorise your app follow Box’s instructions. Pay particular attention to the App Approval section.
- Logging in as the Service User
- Navigate to your account’s admin console ( yourapp.app.box.com/master )
- Click Content
- Select User(s) to view their content
- If you right-click, you can select “Log in to users account”
- This gives you the standard Box application view, allowing you to gather Folder Ids, etc. while in the view of the user.
OAuth Application Creation
Important: This requires tomcat to be running using the ‘https’ protocol. Box will not accept ‘http://’ addresses. Tomcat will need to be configured to use SSL/TLS.
Creating a Box OAuth Application requires you to choose the Standard OAuth 2.0 Authentication Method in the Create a New App screen.
- In The Configuration tab of your app, retrieve the clientId and clientSecret.
- In App Access Level, select the enterprise setting Box Cloud App Access level
- In Application Scopes make sure both Content Actions are checked
- In Advanced Features, check both options Box Cloud App Advanced Features https://[simflofyUrl]/3sixty-admin/authconn/oauthcb
Creating Authentication Connections
Each app type has its own Authentication Connection
Box JWT Authentication Connection
Connection Proxy Information Logging Example Preview Name: Name of this connection. JWT JSON Key File:If you have downloaded the JWT key file from the Box Admin Console, and it is on the same file system as Federation Services, then you can refer to it here (i.e. C:/Users/3Sixty/mykeyfile.json). JWT JSON: Alternatively you can copy the contents of the JWT key file and paste it in this text area. App Users Count: While in Output mode, the Federation Services Box Connector allows you to create Box App Users to do bulk uploads to Box. This is an advanced setting and is only recommended for large integrations since there is a start-up cost in creating the app users in Box. Set to 0 to not use app users. Base name of the app users: Base name that will be used for each app user. The ID of the managed user you wish to act as: The connection will act as the user id for all actions. Box Connection Timeout: Connection timeout interval. Box Read Timeout: Read timeout interval.
Box OAuth Authentication Connection
Connection
Proxy Information
Logging
Name: Unique name for this auth connector.
Box Developer Token: (Optional) Developer Token to be used instead of clientId and secret. Developer tokens expire 60 minutes after creation
Box Client ID: Client ID box will give you once you’ve set up the Application in Box.
Box Secret Key: Secret Key Box will generate for you as part of the Application Setup in Box.
AUTHENTICATION
After filling in your client id and secret. Hit the Authenticate button. You will be redirected to a screen in Box asking you to confirm the application permissions. You should be returned to Federation Services after accepting. If you receive an error, your redirect URI in the Box Application config may not be correct.