create user/group not working using curl

0
votes

I am working on using box apis to create enterprise user and group. I am unable to create the user/group through curl or through java code as the request results in Forbidden error (403). Please note that the auth token has been created using enterprise admin credentials which could create the user/group in Box admin console.

Following is the curl command and its response :-

curl --insecure https://api.box.com/2.0/groups -H "Authorization: Bearer AUTH-TOKEN" -H "Content-type: application/json" -d "{"\"name"\": "\"family"\"}" -X POST -v

RESPONSE :-

> POST /2.0/groups HTTP/1.1
> User-Agent: curl/7.27.0
> Host: api.box.com
> Accept: */*
> Authorization: Bearer <AUTH-TOKEN>
> Content-Length: 18
> Content-Type: application/x-www-form-urlencoded
>
* upload completely sent off: 18 out of 18 bytes
< HTTP/1.1 403 Forbidden
< S erver: nginx
< Date: Fri, 13 Dec 2013 13:04:52 GMT
< Content-Length: 0
< Connection: keep-alive
< WWW-Authenticate: Bearer realm="Service", error="insufficient_scope", error_description="**The request requires higher privileges than provided by the access token."**

Thanks, Alevi

2
box-api
Does your application have administrative scope turned on? You may need to turn it on, and then re-authenticate yourself through OAuth2 - Peter
Is your application enabled for admin-scoped tokens? - Peter
Hello Platform Boxer, Sorry for the delay in response. As suggested by you, i enabled the administrative scope and the above curl command worked !!!! Thanks :) However, i need to do the same programmatically and i am unable to perform a similar action through java json object. Follwing is the code for your reference:- - alevi.dcosta
JSONObject jobj = new JSONObject(); jobj.put("\"name"\", "\"abcdef1"\"); Using the above jsonobject and passing it to the HttpUrlConnection now gives the bad request error.. - alevi.dcosta
Are you trying to create a new account in Box? Or are you just trying to take one of the users in your enterprise and upgrade them to be a co-admin? - Peter

2 Answers

0
votes

To call APIs that manage users you have to meet several permissions requirements.

1) The app you build has to have "Manage an Enterprise" scope (Set this up in your application management console in the "OAuth2 parameters" 2) The user logging into your app has to have co-admin permissions 3) The co-admin has to specifically be allowed to "manage users"

Unless you meet all those criteria, you won't be able to call the API to add a user.
If you do, it should be a simple POST to ./users with a json payload with the user object. See http://developers.box.com/docs/#users-create-an-enterprise-user for an example CURL call

0
votes

I think you may just have the wrong slash.

Try this: 

curl https://api.box.com/2.0/groups -H "Authorization: Bearer ACCESS_TOKEN" -d "{\"name\”: \“my group\”}" -X POST