Understanding Box applications, tokens, and scoping
-
Upload
jonathan-leblanc -
Category
Technology
-
view
127 -
download
1
Transcript of Understanding Box applications, tokens, and scoping
![Page 1: Understanding Box applications, tokens, and scoping](https://reader033.fdocuments.us/reader033/viewer/2022052606/5a65729c7f8b9a931a8b588f/html5/thumbnails/1.jpg)
![Page 2: Understanding Box applications, tokens, and scoping](https://reader033.fdocuments.us/reader033/viewer/2022052606/5a65729c7f8b9a931a8b588f/html5/thumbnails/2.jpg)
Application Access
![Page 3: Understanding Box applications, tokens, and scoping](https://reader033.fdocuments.us/reader033/viewer/2022052606/5a65729c7f8b9a931a8b588f/html5/thumbnails/3.jpg)
![Page 4: Understanding Box applications, tokens, and scoping](https://reader033.fdocuments.us/reader033/viewer/2022052606/5a65729c7f8b9a931a8b588f/html5/thumbnails/4.jpg)
4
Concern Areas:
Type of Users
Types of Content
Default Scopes
Type of Users: Will you be working with users
within an entire enterprise, or just the app?
Types of Content: Do you need to access and
manage data within the enterprise?
Default Scopes: Read / Write (A,E), Manage
Users (A,E), Manage Groups (A,E), Manage
Enterprise Properties (E).
![Page 5: Understanding Box applications, tokens, and scoping](https://reader033.fdocuments.us/reader033/viewer/2022052606/5a65729c7f8b9a931a8b588f/html5/thumbnails/5.jpg)
![Page 6: Understanding Box applications, tokens, and scoping](https://reader033.fdocuments.us/reader033/viewer/2022052606/5a65729c7f8b9a931a8b588f/html5/thumbnails/6.jpg)
Application Scopes
![Page 7: Understanding Box applications, tokens, and scoping](https://reader033.fdocuments.us/reader033/viewer/2022052606/5a65729c7f8b9a931a8b588f/html5/thumbnails/7.jpg)
![Page 8: Understanding Box applications, tokens, and scoping](https://reader033.fdocuments.us/reader033/viewer/2022052606/5a65729c7f8b9a931a8b588f/html5/thumbnails/8.jpg)
Scope Name: root_readwrite
Capabilities:
• Upload / view / download / update file
versions.
• Create / edit / delete collaborations,
tags, tasks, comments, @mentions,
task assignments, notifications, and
collections.
• View enterprise profile information.
8
![Page 9: Understanding Box applications, tokens, and scoping](https://reader033.fdocuments.us/reader033/viewer/2022052606/5a65729c7f8b9a931a8b588f/html5/thumbnails/9.jpg)
9
Scope Name: manage_managed_users
Capabilities:
• Subset of manage enterprise scope
• Add / view / edit / delete / activate /
disable Box users.
• Change primary login, reset password,
change role for managed user and
enterprise content.
![Page 10: Understanding Box applications, tokens, and scoping](https://reader033.fdocuments.us/reader033/viewer/2022052606/5a65729c7f8b9a931a8b588f/html5/thumbnails/10.jpg)
10
Scope Name: manage_app_users
Capabilities:
• Allows application to provision and
manage its own app users.
• Add / view / edit / delete / activate /
disable app users.
![Page 11: Understanding Box applications, tokens, and scoping](https://reader033.fdocuments.us/reader033/viewer/2022052606/5a65729c7f8b9a931a8b588f/html5/thumbnails/11.jpg)
11
Scope Name: manage_groups
Capabilities:
• Subset of manage an enterprise scope
• View / create / edit / delete groups and
group memberships for all users.
![Page 12: Understanding Box applications, tokens, and scoping](https://reader033.fdocuments.us/reader033/viewer/2022052606/5a65729c7f8b9a931a8b588f/html5/thumbnails/12.jpg)
12
Scope Name: manage_webhook
Capabilities:
• Allows your app to programmatically
control webhooks.
• Create / fetch / update / delete new or
existing webhooks.
![Page 13: Understanding Box applications, tokens, and scoping](https://reader033.fdocuments.us/reader033/viewer/2022052606/5a65729c7f8b9a931a8b588f/html5/thumbnails/13.jpg)
13
Scope Name:
manage_enterprise_properties
Capabilities:
• Subset of the manage an enterprise
scope.
• View and edit enterprise attributes
and reports, edit and delete device
pinners (what devices can use
native Box applications).
![Page 14: Understanding Box applications, tokens, and scoping](https://reader033.fdocuments.us/reader033/viewer/2022052606/5a65729c7f8b9a931a8b588f/html5/thumbnails/14.jpg)
14
Scope Name: manage_data_retention
Capabilities:
• View, create, and fetch content
retention policies with Box
Governance.
![Page 15: Understanding Box applications, tokens, and scoping](https://reader033.fdocuments.us/reader033/viewer/2022052606/5a65729c7f8b9a931a8b588f/html5/thumbnails/15.jpg)
Advanced Application Features (JWT)
![Page 16: Understanding Box applications, tokens, and scoping](https://reader033.fdocuments.us/reader033/viewer/2022052606/5a65729c7f8b9a931a8b588f/html5/thumbnails/16.jpg)
![Page 17: Understanding Box applications, tokens, and scoping](https://reader033.fdocuments.us/reader033/viewer/2022052606/5a65729c7f8b9a931a8b588f/html5/thumbnails/17.jpg)
Purpose: Perform actions on behalf of
another user.
Capabilities:
• Needed for full SDK functionality
for user actions (As-User header)
• Allows you to properly manage
users, their content, and actions.
17
![Page 18: Understanding Box applications, tokens, and scoping](https://reader033.fdocuments.us/reader033/viewer/2022052606/5a65729c7f8b9a931a8b588f/html5/thumbnails/18.jpg)
18
Purpose: For JWT applications,
create individual OAuth 2 tokens for
users.
Capabilities:
• Needed for full SDK functionality
for JWT application user actions.
• Allows you to bypass the need for
credentials in the typical OAuth 3-
legged flow.
![Page 19: Understanding Box applications, tokens, and scoping](https://reader033.fdocuments.us/reader033/viewer/2022052606/5a65729c7f8b9a931a8b588f/html5/thumbnails/19.jpg)
Authorization and Applications
![Page 20: Understanding Box applications, tokens, and scoping](https://reader033.fdocuments.us/reader033/viewer/2022052606/5a65729c7f8b9a931a8b588f/html5/thumbnails/20.jpg)