App Tokens without SDKs

Guides Authentication App Token Auth App Tokens without SDKs

Required Guides

App Tokens without SDKs

If you are not ready to use any of the official Box SDKs, or an SDK is not available in your language of choice, it is totally possible to use the Box APIs without them.

App Token authentication is designed for working directly with the Box API without requiring a user to redirect through Box to authorize your application, yet is restricted to the application's own data.

The method of authentication through JWT is inherently tied to the Service Account for the application. Any API call made with this token will seem to come from this application and will not have access to files and folders from other users without explicitly getting access them.

Before we can get started, you will need to have completed the following steps.

Create a Box Application within the developer console
Ensure the application is configured to use App Token authentication
Generate a primary and secondary App Token for the application and store the tokens somewhere in your code.

To use an App Token directly the application can use the App Token the same way it would use any Access Token.

curl https://api.box.com/2.0/users/me \
    -H "authorization: Bearer EGmDmRVfhfHsqesn5yVYHAqUkD0dyDfk"

Related APIs

getAuthorize user

Related Guides

GuideDownscope a Token

App Tokens without SDKs

Required Guides

App Tokens without SDKs

Prerequisites

Making API calls

Related APIs

Related Guides