User Access Token - Box Dev Docs

It is possible for a JWT application to create an Access Token for a specific user instead of for the Service Account.

Preconditions

The application must be configured to allow the creation of user Access Tokens. This setting can be found in the Configuration tab of the Developer Console.

Additionally, the authenticated user needs to be a user with Admin permissions, meaning either an Admin, Co-Admin, or Service Account. See our guide on User Types for more details.

User Access Tokens with SDKs

To create a Box SDK client that authenticates as a specific user, follow the steps described in the JWT with SDK guide, but create a user client instead of an “Enterprise” client.

var userId = "12345";
var sdk = new BoxJWTAuth(config);
var token = sdk.UserToken(appUserID);
BoxClient client = sdk.UserClient(userToken, userId);

Learn more about using the Box SDKs with JWT

User Access Tokens without SDKs

To create a user Access Token that authenticates as a specific user, follow the steps as described in the JWT without SDK guide but instead of creating a claim for the enterprise, create one for a specific user ID.

var userId = "12345";

var claims = new List<Claim>{
    new Claim("sub", userid),
    new Claim("box_sub_type", "user"),
    new Claim("jti", jti),
};

​Preconditions

​User Access Tokens with SDKs

Learn more about using the Box SDKs with JWT

​User Access Tokens without SDKs

Learn more about manually using JWT authentication

Preconditions

User Access Tokens with SDKs

User Access Tokens without SDKs