Skip to main content

Documentation Index

Fetch the complete documentation index at: https://developer.box.com/llms.txt

Use this file to discover all available pages before exploring further.

Server authentication applications using or must be authorized by a Box Admin or Co-Admin before use. Unpublished applications using authentication may require enablement by a Box Admin or Co-Admin if they are . A Box Admin or Co-Admin needs an application’s Client ID in order to properly authorize or enable it in the Admin Console.
Apps created by free developer (Individual) accounts are authorized automatically. You can use view to quickly look up the authorization and enablement status of your application.

One-Click Authorization

JWT and CCG authentication apps can be authorized directly from the Configuration tab in the Developer Console. This is a convenient alternative to the methods described below.

As an Admin or Co-Admin

If you are a Box Admin or Co-Admin, the Configuration tab displays: Server authenticated apps must be authorized before use. Click Authorize to authorize the app immediately.

As a developer

If you are not a Box Admin or Co-Admin, the Configuration tab displays: Submit app for authorization for access to the Enterprise. Click Submit to send the request. Your admin or co-admin receives an email notification, and you are notified by email once the request is approved or denied.

Approval Notifications

User authentication apps

A semi-automated process to submit an app approval is available in the Developer Console for user authentication applications. Navigate to the Enablement tab for your application in the Developer Console.
Enablement tab
Submitting the application for approval sends an email to your enterprise’s Primary Admin to approve the application. When a Box Admin or Co-Admin approves or declines your request, you receieve an email with the decision. More information on this process is available in our support article on app authorization.

Manual Approval

The following steps provide instructions on how to manually approve the application.

As a developer

  1. Navigate to the Configuration tab for your application in the Developer Console.
  2. Scroll down to the OAuth 2.0 Credentials section and copy the Client ID value to provide to a Box Admin or Co-Admin.
Alternatively, hover over the application in the view to look up the ClientID and then copy it using the copy button.
Finding a Box AdminIf you don’t know your enterprise Admin, go to your Box Account Settings page and scroll to the bottom. If an admin contact is set you should see their contact information under “Admin Contact”.

As an Admin

  1. Navigate to the Admin Console and select the Apps tab (1) from the left navigation panel.
  2. Click the Platform Apps Manager tab (2) at the top of your screen.
  3. For both Server and User Authentication Apps screens, click the Add App (3) button in the top right corner to add a new app.
  4. Alternatively, you can use the Platform Apps Manager table menu (4) to authorize and enable apps.

Server Authentication Apps

Server Apps tab

User Authentication Apps

User Apps tab
In the popup that appears, enter the client ID for the application that the developer collected from the Configuration tab of the Developer Console.

Re-authorization on changes

When the application’s scopes or access level change the application needs to be re-authorized. Repeat the process above and request a new Access Token for the new changes to take effect. In the same section where the application was initially authorized, an Admin can re-authorize the application by clicking on the ellipses to the right of the application name to Reauthorize App.
Re-authorize app