Image for post
Image for post

We are excited to announce a new method for authenticating your JWT applications: Client Credentials Grant. Prior to today, we required a public/private key pair and assertion to verify an application’s identity and retrieve an Access Token. Now, with this open standard, you can request a token using only your client ID and client secret!

This authentication method is only available to new applications using the Custom Application app type and will not impact any existing applications. In addition, when you select your authentication method, you will now be unable to switch to another without creating a brand new application. …

In an effort to streamline the app creation process and get you to your first API call as fast as possible, we simplified our new app creation flow! There are now three types of applications: Custom Apps, Limited Access Apps, and Box Custom Skills. We added plain language to describe exactly when to select each app type and links to relevant documentation if you require additional information to help with your selection. The application type you select impacts which authentication methods are available.

Once your selection is made, you will now be automatically redirected to your application’s configuration tab of the Developer Console. Here you can immediately finish configuring your application and generate a developer token to begin making API calls. …


Kourtney Meiss

Box Developer Advocate 📦

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store