Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Current »

Creating a Box Service Account
To create a box service account, step-by-step instructions can be found at https://developer.box.com/docs/setting-up-a-jwt-app

  • The rest of this documentation is supplemental to Box's instructions; linked steps below.

  • The purpose of this documentation is to highlight the information DryvIQ requires while provisioning the Box Service Account.

Step 1. Create and Configure a JWT Application

  • Application Type: Custom App

  • Recommendation: OAuth 2.0 with JWT (Server Authentication)

Option

Configuration

Client ID

Copy and save separately. Required to create your DryvIQ connection

Client Secret

Copy and save separately. Required to create your DryvIQ connection

Application Access

Enterprise

Application Scopes

  • Read and write all files and folders stored in Box

  • Manage users

  • Manage groups

  • Manage enterprise properties

Scopes Enabled by Request

This scope is needed to transfer content on Box that are locked with "Disable Download" checked

To enable this scope you will need to file a support ticket to get the Box team to enable it for your application. Scope approval will be approved by necessity and merit.

  • Global Content Manager

Advanced Features

  • Enable - Perform Actions as Users

  • Enable - Generate User Access Tokens


Step 2. Generate a Public / Private Keypair

Box requires two-factor authentication (2FA) to generate a public / private keypair.

Download Keypair from Box

Save Box download {{public key}}_config.json locally for future reference; required to create your DryvIQ connection.

Alternate Options

Note: Two-Factor Authentication (2FA) is not applicable when Single Sign-On (SSO) is enabled on Box

  1. Add another account as a collaborator that has 2FA enabled 

    • From the Developers Console → go to the General options page

    • "Add New Collaborator" 

    • Log into Box as the collaborator → Developers Console 

    • Configuration → Add and Manage Public Keys → Generate a Public / Private Keypair

  2. Generate Keypair Manually

    1. Requires: OpenSSL or Cygwin package

Step 3. Grant Access for the Application in Your Enterprise

Parameters to Configure a Box Service Account with a DryvIQ Connection

Field Name

Field Variable

Status

Notes

Client ID 

clientID

Required

From your Box Developers Console or can be found in boxAppSettings section of {{public key}}_config.json 

Client Secret 

clientSecret

Required

From your Box Developers Console or can be found in boxAppSettings section of {{public key}}_config.json 

Public Key ID 

publicKeyID

Required

From your manually generated key pair or in boxAppSettings section of {{public key}}_config.json 

Private Key 

privateKey

Required

From your manually generated key pair or in boxAppSettings section of {{public key}}_config.json 

When you download the {{public key}}_config.json, the private key is displayed in the privatekey element. It looks something like this: 

"privateKey": "-----BEGIN ENCRYPTED PRIVATE KEY-----\xYZXYZxYZXyzxyzx.....................A0b0CAB0cAbCaBcabcabCA+B\noi0=\n-----END ENCRYPTED PRIVATE KEY-----\n",

You only need to add the values between the quotation marks. In the above example, you would add the following as the private key:

-----BEGIN ENCRYPTED PRIVATE KEY-----\xYZXYZxYZXyzxyzx.....................A0b0CAB0cAbCaBcabcabCA+B\noi0=\n-----END ENCRYPTED PRIVATE KEY-----\n

Enterprise ID 

enterpriseID

Required when an Account ID is not used

From your Box Developers Console or can be found in boxAppSettings section of {{public key}}_config.json 

The Enterprise ID will list content for all users on your connection root

Note: Cannot be combined with Account ID; options are mutually exclusive

Account ID

user_id

Required when an Enterprise ID is not used

The Account ID will impersonate a single account

Note: Cannot be combined with Enterprise ID; options are mutually exclusive

Password

passphrase

Required

From your manually generated key pair or in boxAppSettings section of {{public key}}_config.json 

Note: Auto-generated by Box when created via the download key pair from your Box Developers Console

  • No labels