2 Legged Flow for service account authentication B

2019-08-10 01:19发布

问题:

Is there any way for going around the login page required after getting a BOX token. I need to use the BOX account as an admin so is there any workaround so that it can be done programatically.

回答1:

If by the login page you're referring to the credentials page at:

https://www.box.com/api/1.0/auth/{your ticket} 

that you redirect the user to after getting a ticket from:

GET https://www.box.com/api/1.0/rest?action=get_ticket&api_key={your api key}

Then the answer is currently no. As far as I know there's no plans to support an authentication method involving directly supplying credentials.



回答2:

You can easily fill out the form and submit it without ever opening a browser. If you are using Python, you can do this with Mechanize or Clientform. I suppose you can do the same thing with other languages as well. But I'm not sure what the point is, since you need to authenticate your user, and the Box login page does the job nicely. If you don't want to make the user sign in every time, then serialize the token with a timestamp denoting how long you want it to be good for and use that token until it expires.

good luck, Mike



回答3:

there has been new developments since this question was posted, and now it's possible to use JWT (JSON Web Token) and Box Developers Edition to access Box.

If you create a developer account you will be able to create App users and login using an enterprise token and a private key file. Check out the docs for more information: Box Developer Edition

Additonally, boxsdk comes with support for Box Developer Edition



标签: box-api