Skip to main content
At this point we have application code that will handle traffic from users visiting, forward them to Okta to login, provide Okta user information, before finally handing off to a yet to be created handler for Box. This section will cover the final Box components:
  • Validating if an Okta user has an associated Box app user account.
  • Creating a new app user for the associated Okta record if they don’t.
  • Fetching tokens for the Box user to make user-specific API calls.

Create Platform App Users

Before validating users we need a method for creating an associated Box user account if one doesn’t already exist for the Okta user.

Validate Okta Users

With the create user functionality defined, let’s turn our attention to defining the code for validating whether an Okta user record has an associated Box user record by searching all Box enterprise users for the associated external_app_user_id.

Make Authenticated Box User Calls

Once an associated Box user is found for the Okta user we’re going to generate an access token specifically scoped for that user to make Box API calls, then make a call to get the current user to ensure that everything is working and that we have a valid user access token.

Summary

  • You’ve validated whether an Okta user exists as a Box user.
  • You’ve creating a new app user if they don’t exist.
  • You’re making a Box API call for an existing Box user.