Authentication
Authentication
Authentication with the Box API uses an Access Token to identify a user. The way in which an Access Token is acquired depends on the method used to authorize a user. The type of authorization available to an application depends on the use-case as well as the type of application that has been created in the developer console.
| Box Application Type | Authentication methods |
|---|---|
| Custom App | OAuth 2.0, JWT, or Client Credentials Grant |
| Limited Access App | App token |
| Custom Skill | No authentication method selection needed |
Learn how to select an authorization type
Access Tokens for Authentication
Every API endpoint requires a valid and active Access Token to make API calls. An Access Token is a unique string that identifies an authenticated Box user to the API endpoints.
curl https://api.box.com/2.0/users/me \
-H "authorization: Bearer EGmDmRVfhfHsqesn5yVYHAqUkD0dyDfk"
Learn more about Access Tokens