Creating a Box Service Account
To create a box service account, step-by-step instructions can be found at https://developer.box.com/docs/setting-up-a-jwt-app
The rest of this documentation is supplemental to Box's instructions; linked steps below.
The purpose of this documentation is to highlight the information DryvIQ requires while provisioning the Box Service Account.
Step 1 | Create and Configure a JWT Application
Application Type: Custom App
Recommendation: OAuth 2.0 with JWT (Server Authentication)
Option | Configuration |
|---|---|
Client ID | Copy and save separately. Required to create your DryvIQ connection |
Client Secret | Copy and save separately. Required to create your DryvIQ connection |
Application Access | Enterprise |
| |
This scope is needed to transfer content on Box that are locked with "Disable Download" checked To enable this scope you will need to file a support ticket to get the Box team to enable it for your application. Scope approval will be approved by necessity and merit.
| |
Advanced Features |
|
Step 2 | Generate a Public / Private Keypair
Box requires two-factor authentication (2FA) to generate a public / private keypair.
Download Keypair from Box
Save Box download {{public key}}_config.json locally for future reference; required to create your DryvIQ connection.
Alternate Options
Note: Two-Factor Authentication (2FA) is not applicable when Single Sign-On (SSO) is enabled on Box
Add another account as a collaborator that has 2FA enabled
From the Developers Console → go to the General options page
"Add New Collaborator"
Log into Box as the collaborator → Developers Console
Configuration → Add and Manage Public Keys → Generate a Public / Private Keypair
Requires: OpenSSL or Cygwin package
Step 3 | Grant Access for the Application in Your Enterprise
App Key = Client ID from Developers Console → Configuration
Additional Box resource here
Parameters to Configure a Box Service Account with a DryvIQ Connection | |||
|---|---|---|---|
Field Name | Field Variable | Status | Notes |
Client ID | clientID | Required | From your Box Developers Console or can be found in boxAppSettings section of {{public key}}_config.json |
Client Secret | clientSecret | Required | From your Box Developers Console or can be found in boxAppSettings section of {{public key}}_config.json |
Public Key ID | publicKeyID | Required | From your manually generated key pair or in boxAppSettings section of {{public key}}_config.json |
Private Key | privateKey | Required | From your manually generated key pair or in boxAppSettings section of {{public key}}_config.json When you download the {{public key}}_config.json, the private key is displayed in the privatekey element. It looks something like this: "privateKey": "-----BEGIN ENCRYPTED PRIVATE KEY-----\xYZXYZxYZXyzxyzx.....................A0b0CAB0cAbCaBcabcabCA+B\noi0=\n-----END ENCRYPTED PRIVATE KEY-----\n", You only need to add the values between the quotation marks. In the above example, you would add the following as the private key: -----BEGIN ENCRYPTED PRIVATE KEY-----\xYZXYZxYZXyzxyzx.....................A0b0CAB0cAbCaBcabcabCA+B\noi0=\n-----END ENCRYPTED PRIVATE KEY-----\n |
Enterprise ID | enterpriseID | Required when an Account ID is not used | From your Box Developers Console or can be found in boxAppSettings section of {{public key}}_config.json The Enterprise ID will list content for all users on your connection root Note: Cannot be combined with Account ID; options are mutually exclusive |
Account ID | user_id | Required when an Enterprise ID is not used | The Account ID will impersonate a single account Note: Cannot be combined with Enterprise ID; options are mutually exclusive |
Password | passphrase | Required | From your manually generated key pair or in boxAppSettings section of {{public key}}_config.json Note: Auto-generated by Box when created via the download key pair from your Box Developers Console |