Using As-User in Box Request

4
votes

I was trying to make Box Enterprise API work using As-User. I have a admin account which i used to try to retrieve the Contents in a sub account.

I first used the admin account to retrieve the User ID of the sub account. And added the User ID as a field "As-User: ########". However, I was returned with a reply of 403.

The error message : "The request requires higher privileges than provided by the access token."

I am using the access token i had used to retrieve the user list. Do I have to get a new access token using the as the new user? or is the admin access token fine? 

GET /2.0/folders/0/items HTTP/1.1\r
Host: api.box.com\r
Authorization: Bearer #######################\r
As-User: ########\r
Connection: close\r
\r

The access code is the same access code used to retrieve the user list /user

All the scopes has been checked

enter image description here

2
box-apibox

2 Answers

3
votes

Your application must be manually approved by Box for As-User requests. The documentation mentions this but it's easy to miss. To start the approval process send Box a note and include your API Key.

0
votes

I am unable to add a comment on this, so I would like to add (in case the support staff doesn't give you a head's up) you may have to do this after they enable the As-User header --

  1. Go back to your - Admin Console->Business Settings->Apps
  2. Find the Custom Applications section
  3. Authorize or reauthorize the app you are working with