JWT with SDKs
JWT with SDKs
The official Box SDKs have build-in support for JWT authentication.
This guide will take you through user authentication using JWT with the use of the Box SDKs. JWT authentication is designed for working directly with the Box API without requiring a user to redirect through Box to authorize your application.
Overview
To complete a JWT authorization the following steps need to be completed.
- Read the configuration file
- Initialize an SDK client
At the end of this flow, the application has a Box SDK client that can be used to make API calls on behalf of the application.
Prerequisites
Before we can get started, you will need to have completed the following steps.
- Create a Box Application within the developer console
- Create and download the private key configuration file for your application
and save it as
config.json
- Ensure your Box Application is approved for usage within your enterprise
1. Read JSON configuration
After creating a Box Application there should be a config.json
file containing
the application's private key and other details. The following is an example.
{
"boxAppSettings": {
"clientID": "abc...123",
"clientSecret": "def...234",
"appAuth": {
"publicKeyID": "abcd1234",
"privateKey": "-----BEGIN ENCRYPTED PRIVATE KEY-----\n....\n-----END ENCRYPTED PRIVATE KEY-----\n",
"passphrase": "ghi...345"
}
},
"enterpriseID": "1234567"
}
To use this object in the application it needs to be read from file. Most
var reader = new StreamReader("path/to/config.json");
var json = reader.ReadToEnd();
var config = BoxConfig.CreateFromJsonString(json);
Reader reader = new FileReader("path/to/config.json");
BoxConfig config = BoxConfig.readFrom(reader);
from boxsdk import JWTAuth
config = JWTAuth.from_settings_file('path/to/config.json')
var config = require('path/to/config.json');
2. Initialize SDK client
The next step is to configure the Box SDK with the configuration and then initialize the client to connect as the application.
var sdk = new BoxJWTAuth(config);
var token = sdk.AdminToken();
BoxClient client = sdk.AdminClient(token);
BoxDeveloperEditionAPIConnection api = BoxDeveloperEditionAPIConnection.getAppEnterpriseConnection(config);
client = Client(config)
var sdk = BoxSDK.getPreconfiguredInstance(config);
var client = sdk.getAppAuthClient('enterprise');
Summary
By now the application should be able to authorize an application using JWT with any of our official SDKs, by using the following steps.
- Read the configuration file
- Initialize an SDK client
To learn how to use this client head over to the guide on Making API calls.