Documentation Index
Fetch the complete documentation index at: https://developer.box.com/llms.txt
Use this file to discover all available pages before exploring further.
Prerequisites
To set up a Platform App using server-side authentication, you need to ensure you have access to the Developer Console from your Box enterprise account. Alternatively, you may sign up for a developer account.App creation steps
Navigate to the Developer Console
Log into Box and go to the Developer Console. Select Create Platform App.Select application type
Select Platform App from the list of application types. A modal appears to prompt a selection for the next step.
Provide basic application information
To describe your app, provide an app name and description. Use the drop-down list to select the app’s purpose. Depending on the option chosen, you might need to specify further details.| Purpose | Details |
|---|---|
| Automation, Custom Portal | Specify if the app is built by a customer or partner. |
| Integration | Specify the integration category, external system name if the app is built by a customer or partner. |
| Other | Specify the app purpose and if it is built by a customer or partner. |
Select application authentication
Select Server Authentication (with Client Credentials Grant) if you would like to verify application identity with a client ID and client secret, and confirm with Create App.
App Authorization
Before the application can be used, a Box Admin or Co-Admin needs to authorize it. On the Configuration tab in the Developer Console:- If you are a Box Admin or Co-Admin, click Authorize to authorize the app immediately.
- If you are not an Admin or Co-Admin, click Submit to send an authorization request to your Admin or Co-Admin. You receive an email once the request is approved or denied.
Learn how to authorize a Platform Application
Basic configuration
Application Access
An application’s access level determines which users and content your app may access. By default, an application can only successfully interact with the content of its and any . To also access existing Managed Users of an enterprise, navigate to the Application Access settings accessible via the Configuration tab of the Developer console and set to App + Enterprise Access.
Application Scopes
An application’s scopes determine which endpoints and resources an application can successfully call. See the for detailed information on each option.
CORS Domains
If your application makes API calls from front-end browser code in Javascript, the domain that these calls are made from needs to be added to an allow-list due to Cross Origin Resource Sharing, also known as CORS. If all requests are made from server-side code, you may skip this section. To add the full URI(s) to the allow-list, navigate to the CORS Domain section at the bottom of the Configuration tab in the Developer console.