TeamDesk Knowledge Base & Support

   Home      FAQ      Forum      Idea Exchange      Ask a Question      My Stuff      Help   
  
Box.com API connexion - OAUTH
Hello to you all

I am struggling to connect TeamDesk to box.com API and I wonder if somebody could help me do this. This involves an OAUTH authentification.

As far as I understand, box.com provides token which are valid for one hour.
- The initial token have to be requested with OAUTH / this I am failing to do
- The successive tokens are refreshed without OAUTH. This I can do. I am using Integromat to create a refresh request every 50 minutes.

To make the OAUTH authentification, I am trying to use the OAUTH teamdesk system, which requires the following fields (Call workflow action with Generic :

1. Authorization URL
2. Token URL
3. Client ID
4. Client Secret
5. Scope

Box.com instructions (https://developer.box.com/guides/authentication/oauth2/without-sdk/) explain items 3,4,5, and REDIRECTION URL but not:
1. Authorization URL
2. Token URL
Could you explain what I should use in AUTHORIZATION URL and TOKEN URL ? Is any of them the same thing as REDIRECTION URL ?

Kind regards,

Pierre



ID
1466
Category
Integration/API
Author

Pierre
Date Created
9/13/2021 6:38:30 AM
Date Updated
9/22/2021 12:40:17 AM
Comments
Pierre 9/13/2021 10:20:32 AM
I found the solution to my issue:

Solved !
1) I was using the wrong OAUTH choice in Box.com; the correct one is OAuth 2.0 (User or Client Authentication)
(not with Grant Certificate)
2) When you choose this option, Box.com provides the correct redirect URI
3) Authorization URL is:
https://account.box.com/api/oauth2/authorize?client_id=CLIENTIDHERE&response_type=code&redirect_uri=https://app.box.com
Kind regards,
4) Leave Token URL empty
Pierre
Pierre 9/22/2021 12:40:17 AM
On this issue I received the great help of Kiril.

I'll take the liberty to copy here his answer which is far more clear and efficient than what I wrote:

------
Our Generic OAuth 2 Call URL's authorization type works with any OAuth2 enabled service and completely hides innards of token exchange process. The only trick is to set it up :)

First, some prep is required on box.com side.

On Box.com side:
-------------------
1. At the bottom of box.com sidebar there is a </> Dev Console link. Click.
2. Create New App -- Custom App. Specify OAuth 2.0. Name it. Create.
3. Navigate to app's Configuration tab
4. Set "OAuth 2.0 Redirect URI" to "https://my.datatailor.net/secure/oauth.aspx"
5. Copy Client ID and Secret.
6. Configure Scope -- that is what is allowed

On TeamDesk side setup Call URL action as follows:

Authorization
-------------------
Type: Generic OAuth v2
Authorization URL: https://account.box.com/api/oauth2/authorize
Token URL: https://api.box.com/oauth2/token
Client ID: <from step 5 above>
Client Secret: <from step 5 above>
Scope: in short: to read files use root_readonly, to read and write use root_readwrite.
Full list of scopes here: https://developer.box.com/guides/api-calls/permissions-and-errors/scopes/

Click Authorize button to obtain the code and set up the rest of the action -- that's what you are going to do with Box.com

-----

Also, we have sample "Cloud Uploads" database ( https://www.teamdesk.net/cloud_uploads ) you can use as a reference.

Feedback
Back to Search Results