box-apibox

Using As-User in Box Request


I was trying to make Box Enterprise API work using As-User. I have a admin account which i used to try to retrieve the Contents in a sub account.

I first used the admin account to retrieve the User ID of the sub account. And added the User ID as a field "As-User: ########". However, I was returned with a reply of 403.

The error message : "The request requires higher privileges than provided by the access token."

I am using the access token i had used to retrieve the user list. Do I have to get a new access token using the as the new user? or is the admin access token fine?

GET /2.0/folders/0/items HTTP/1.1\r
Host: api.box.com\r
Authorization: Bearer #######################\r
As-User: ########\r
Connection: close\r
\r

The access code is the same access code used to retrieve the user list /user

All the scopes has been checked

enter image description here


Solution

  • Your application must be manually approved by Box for As-User requests. The documentation mentions this but it's easy to miss. To start the approval process send Box a note and include your API Key.