box api authentication from node.js

0
votes

I'm trying to build a NodeJS subsystem that is automatically syncing content with Box. I have existing "passport-box" authentication that is requiring user logging in from browser, but this is not an option for me. I need pure server-side authentication.

So, I've came across JWT as a possible way to do this, but I don't have a clue how to start, as I'm new to tokens approach. Possibly, Auth0 can be in hand - but, again, I don't know how exactly to use it.

Can someone point out which libraries should I use and where to connect to in order to construct a proper "Authentication: Bearer ..." header.

Currently I'm using passport-box and box-sdk nodejs modules, but seems like I'll need to change something in my approach, to get tokens without user interaction.

Thanks!

1
node.jsjwtboxauth0

1 Answers

0
votes

This rule would create a Box access_token for you, provided you re-establish a relationship between your Box account and your Auth0 one:

https://github.com/auth0/rules/blob/master/rules/creates-box-access-token.md

In essence:

  1. Box knows about Auth0 and trusts it to request access_tokens
  2. After a user logs in using any supported way in Auth0, it will run the above rule, that will issue a Box token
  3. The Box access_token is included in the user profile.
  4. Your app uses the token to access call Box API.