Understanding Box applications, tokens, and scoping

Application Access

Concern Areas:

• Type of Users: Will you be working with users within an entire enterprise, or just the app?

• Types of Content: Do you need to access and manage data within the enterprise?

• Default Scopes: Read / Write (A,E), Manage Users (A,E), Manage Groups (A,E), Manage Enterprise Properties (E).

Application Scopes

Scope Name: root_readwrite

Capabilities:

• Upload / view / download / update file versions.

• Create / edit / delete collaborations, tags, tasks, comments, @mentions, task assignments, notifications, and collections.

• View enterprise profile information.

Scope Name: manage_managed_users

Capabilities:

• Subset of the manage enterprise scope.

• Add / view / edit / delete / activate / disable Box users.

• Change primary login, reset password, change role for managed user and enterprise content.

Scope Name: manage_app_users

Capabilities:

• Allows application to provision and manage its own app users.

• Add / view / edit / delete / activate / disable app users.

Scope Name: manage_groups

Capabilities:

• Subset of the manage enterprise scope.

• View / create / edit / delete groups and group memberships for all users.

Scope Name: manage_webhook

Capabilities:

• Allows your app to programmatically control webhooks.

• Create / fetch / update / delete new or existing webhooks.

Scope Name: manage_enterprise_properties

Capabilities:

• Subset of the manage enterprise scope.

• View and edit enterprise attributes and reports, edit and delete device pinners (what devices can use native Box applications).

Scope Name: manage_data_retention

Capabilities:

• View, create, and fetch content retention policies with Box Governance.

Advanced Application Features (JWT)

Purpose: Perform actions on behalf of another user.

Capabilities:

• Needed for full SDK functionality for user actions (As-User header).

• Allows you to properly manage users, their content, and actions.

Purpose: For JWT applications, create individual OAuth 2 tokens for users.

Capabilities:

• Needed for full SDK functionality for JWT application user actions.

• Allows you to bypass the need for credentials in the typical OAuth 3-legged flow.
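A least-privilege review of the scopes and advanced features listed above, as an added example that is not part of the original slides or Box's own code. The capability labels (such as files.write), the feature keys as_user and user_access_tokens, and the sample configuration are assumptions made for illustration.

```python
# Scope names come from the slides; capability labels ("files.write") and
# feature keys ("as_user") are hypothetical names made up for this example.
SCOPE_CAPS = {
    "root_readwrite": {"files.read", "files.write", "collaborations.manage",
                       "enterprise_profile.read"},
    "manage_managed_users": {"managed_users.manage", "managed_users.reset_password"},
    "manage_app_users": {"app_users.manage"},
    "manage_groups": {"groups.manage"},
    "manage_webhook": {"webhooks.manage"},
    "manage_enterprise_properties": {"enterprise.attributes", "device_pins.manage"},
    "manage_data_retention": {"retention_policies.manage"},
}
# Scopes the slides describe as subsets of the manage enterprise scope.
ENTERPRISE_WIDE = {"manage_managed_users", "manage_groups", "manage_enterprise_properties"}
# Advanced features that let the app act as, or mint tokens for, other users.
USER_FEATURES = {"as_user", "user_access_tokens"}


def audit(granted, features, needed_caps, needed_features=frozenset()):
    """Compare what an app was granted with what it declares it needs."""
    granted, needed_caps = set(granted), set(needed_caps)
    unknown = granted - set(SCOPE_CAPS)
    known = granted - unknown
    # A granted scope is justified only if it supplies a needed capability.
    excess = {s for s in known if not SCOPE_CAPS[s] & needed_caps}
    covered = set().union(*(SCOPE_CAPS[s] for s in known))
    # For each uncovered capability, name the scope that would supply it.
    missing = {s for s, caps in SCOPE_CAPS.items()
               if caps & (needed_caps - covered)}
    return {
        "unknown_scopes": sorted(unknown),
        "excess_scopes": sorted(excess),
        "excess_enterprise_wide": sorted(excess & ENTERPRISE_WIDE),
        "missing_scopes": sorted(missing),
        "unjustified_features": sorted(
            (set(features) & USER_FEATURES) - set(needed_features)),
    }


if __name__ == "__main__":
    # Constructed configuration, not taken from any real application.
    report = audit(
        granted={"root_readwrite", "manage_managed_users", "manage_groups",
                 "manage_webhook"},
        features={"as_user"},
        needed_caps={"files.read", "files.write", "webhooks.manage", "app_users.manage"},
    )
    for key, value in report.items():
        print(f"{key}: {value}")
```

An entry under excess_enterprise_wide or unjustified_features is the first thing to question in an app review, since those grants reach users and content beyond the app itself.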

Authorization and Applications