I am asked by my company to do a Proof-Of-Concept for our document management using Box. We have an enterprise account.
What I did is I added an app in my account - to get my api keys ("client_id" and "client_secret").
Then after this Using the Box Api for .net4.0, I manage to connect my MVC app with our box account using OAuth2.
I can now view files and folders as well as uploading files.
Now my problem is I need to restrict the files that can be viewed by the user logged.
I noticed that when changing the email that is use to log-in (we're using SSO)
The user info doesn't change.
I am using GetCurrentUserInformationAsync() method of the BoxApi V2.
Is it possible to perform user management using API?
(P.S. I am not the admin of our enterprise account)
Thanks
To change the email, you will be require the admin rights. First you need to create the email alias for that account and then you can replace the primary email address with your alias.
Related
I integrated my application with the chatbase, but I would like my clients to have direct access to their email directly, as if it were a single step.
When I click a button in my application, it is directed to the logged-in chatbase screen.
Today I can only get it to the login screen, where it is still necessary to put the password to go to the dashboard, not logging directly into the application.
Is this possible? if yes, is there any kind of quickstart?
I followed the tutorial below to get to the login area, remembering that I use node.js
https://scotch.io/tutorials/easy-node-authentication-google
Thank you for your interest in Chatbase. There is currently no support for OAuth logins. Please see our recommended steps for third party integrations below:
Have the user open a Chatbase account with a Google linked email address
Have the user create a Bot in order to obtain the API key
Have the user integrate their analytics on your platform by providing the API key
Send the messages from their bot to their Chatbase API
Provide the user deeplinks to the Chatbase reports from within your UI
I was able to create a project to connect an app to google data, for a specific account (followed Google People API)
But now I would like that each customer log in hisself to his account and manage his data.
I can' t create project in the Google API Console for each customer, my app needs to read auth from each user who will use my app and "auto" create auth to read google contact data of the logged user.
Is possible?
Could you suggest me articles about how to do?
It sounds like you are trying to do exactly what OAuth 2.0 (see the page you linked to) gives you: authenticating users. This differs from using an API key, which is only authorizing your project and has nothing to do with a user's credentials.
OAuth 2.0 combines a Client ID (associated with your Google Developers Console project) and a user's login (specific to the user who is accessing your app/site) to give you an authorization token. This token will let your app act on behalf of that user when calling that API. Just make sure to request the necessary scopes as part of the OAuth 2.0 authorization prompt given to the user.
How to give this prompt varies by environment, but many common options are listed on that link.
Note that you always use the same Client ID, so you only need one Google Developers Console project, but you are given a unique token specific to that user's login when they authorize your app, so this lets you act as any user which grants your app access to their account.
My organization has a project that is using Google Drive to store files. What we want to do is to show the contents of the Drive on a website.
I'm not really sure how to go about this. Most of the examples are showing authenticating the user accessing the site.
Right now, what I am thinking of doing is to use a service account. I have a Node app running a service account, which I just followed from the samples in the Node.js samples. I realized that the contents shown from running the app are the contents of the Drive of the service account.
What I wanted to happen was show the contents of the Drive that owns the project.
I'm not sure if you can get around authentication when it comes to standard User Accounts.
But you don't really need to impersonate a User Account. There is a alternative solution. From your User account, create a folder and move all the files needed by the app into it. Then share the folder with the service account and grant it edit access. To share the folder you'll need to know the email address of the service account which you can find in your Google Developer's Console. To get to the service account's page, click the menu icon (the triple bar) at the top left and select IAM Admin. On that page there should be a menu option for service accounts, when selected it will provide you with a list of all your service accounts and their corresponding email addresses.
I am trying to understand what is the intended use case for app auth and app users. Im basically thinking about building an app that would use Box to store data of users that would subscribe to our service. Our service would allow each user to access and view their data.
If I have an account that basically owns the data of all the subscribed users, can I use the enterprise access token as a base for authentication while using the user account token to restrict the user to only viewing the data from their specific sub directory. Or do I have to have a unique account with its own api key for every user?
I hope this makes sense. Any assistance would be appreciated.
Thanks.
App Auth and App Users -- which is officially called Box Platform -- is essentially a white-labeled version of Box. I think of it this way: "Box" as we know it is software-as-a-service. It offers a web app, mobile apps, and all the trimmings. Box Platform is the platform layer upon which the SaaS is built, providing API-based management of users/content/comments/collaborations/etc. With Box Platform you have a walled garden in which you can build apps that leverage all the features of the APIs, but are not otherwise "Box apps."
I'm basically thinking about building an app that would use Box to store data of users that would subscribe to our service. Our service would allow each user to access and view their data.
This is an appropriate use case. With Box Platform you will be the owner and administrator of a Box enterprise and all the accounts and data contained within.
If I have an account that basically owns the data of all the subscribed users, can I use the enterprise access token as a base for authentication while using the user account token to restrict the user to only viewing the data from their specific sub directory. Or do I have to have a unique account with its own api key for every user?
I think it's generally cleanest to create unique accounts for each user as opposed to giving users a special subdirectory in the admin account. From there you can use the App Auth workflow to get an access token specific to that user.
In Box developer document they ask to contact them with the API key generated.
Reference:
http://developers.box.com/docs/#users-on-behalf-of-enterprise-user
Is there is any api(Java) to get the other users mail box with the admin credential.
The primary purpose of "on-behalf-of" is to make calls on behalf of your company's users as an administrator. A great use case is if you'd like to prepopulate your new hire's account with a set of folders before they start on day 1.
In order to get the listing of enterprise users in your account, you would use the following API call if you are an administrator: http://developers.box.com/docs/#users-get-all-the-users-in-an-enterprise. This is currently not built into the Java SDK, but it is open source if you want to submit a pull request to it to add the functionality.