1

I got "As-User" header enabled with our enterprise admin account with Box.com to impersonate other users and trying to use the previously generated token without refreshing/regenerating every time. When I am trying to connect Box.com thru my vb.net code, getting "Box returned HTTP Code Unauthorized (Unauthorized): " error. What I am doing wrong? Do i need to write any extra code?

Do I need to compare the token generated file creation date with today's date for less than 60 days, in order to refresh/regenerate the token before it expires?

'''' Reading Refresh token from the file Dim streamReader As StreamReader streamReader = System.IO.File.OpenText(Server.MapPath("~\Box\BoxApiRefreshToken.txt")) oldRefreshToken = streamReader.ReadToEnd() streamReader.Close()

boxManager = New BoxManager(oldRefreshToken)

Sukumar Reddy Narra
  • 23
  • 4
  • You may need to do one or both of the following: 1. Make sure the 'Manage an Enterprise' scope is enabled on your application. 2. Get a brand new access/refresh token pair. – John Hoerr Jul 09 '15 at 14:28
  • The As-User and Manage an Enterprise features are enabled by Box.com. I generated new Authorization code and Refresh Token using https://box-oauth2-mvc.azurewebsites.net/. I tried boxManager = New BoxManager("New Refresh Token") and got "Box returned HTTP Code Unauthorized 401 (Unauthorized): " error msg. Any extra code needed? What I am missing more? – Sukumar Reddy Narra Jul 09 '15 at 16:31
  • At this point I'd recommend that you file a support ticket with Box. – John Hoerr Jul 09 '15 at 16:43
  • I will do that. But my question to you is-- Do I need any extra lines of code? OR what I am doing is enough? Thanks! – Sukumar Reddy Narra Jul 09 '15 at 16:47
  • I'm sorry, but I don't know enough about the particulars of your configuration to help you any further. – John Hoerr Jul 09 '15 at 16:52

1 Answers1

1

Once you apply a new scope to your API key you have to walk through the manual OAuth process again for that scope to apply to your access token. Try logging in again through OAuth, generate a new access/refresh token pair, then attempt to make your request with the As-User header.

Keep in mind co-admins cannot attempt to make API requests as other co-admins or the primary admin.

Kelsey
  • 51
  • 3