Box.net authentication

An authorization token is required for every API call. For OpenBox Actions, you generally don't need to worry about auth tokens, since the URL's given to you by the Box Parameters generally have the auth tokens already specified in them. Auth tokens are useful only if you want to perform API methods on the file other than overwrite, copy, and share. Those three actions can be done with the pre-formed URL's given in Box Parameters. You can learn more about the other things you can do with a file and an auth token here.

There are two types of authentication tokens: user authentication tokens and file authentication tokens. User auth tokens are obtained through our traditional ticket authentication process, work for all files of a user and never expire. File auth tokens applies to OpenBox actions each time the action is executed on a specific file, work only for the specific file that the action was performed on, and expire after 24 hours.

To authenticate users please follow the following steps:

Get a ticket calling get_ticket method.
Redirect the user to www.box.net/api/1.0/auth/<ticket>.
User authenticates on box.net.

For desktop software, users will see a message that they can now proceed into the application.

The user can then press a button in the application to continue authentication, at which point the application can get the auth_token by calling the get_auth_token method, which will authenticate further requests.

For web-based applications, the user will be redirected to a url provided in your application settings at enabled.box.net (Enabled is our old development site. We are in the process of moving the content to Box, but in the meantime if you want to use the redirection you will have to create a project of the same name on enabled.box.net in order to setup the redirect URL. This project will be connected to your service on OpenBox).

At the end of the url auth_token= will be appended after '&' or '?' mark depending on your redirect url.

After the user has authenticated, the next step depends on whether you're writing a web application or a desktop application.

OpenBox Developer Documentation

ApiAuthentication

Box.net features

Box.net user help

Introduction to OpenBox Actions

Creating Actions

Action Parameters

Popup Actions

Getting started with the API

Authenticating Users

Using REST

Using SOAP

Using XML-RPC

ApiExamples

get_ticket

get_auth_token

logout

register_new_user

verify_registration_email

get_account_tree

export_tags

create_folder

move

rename

delete

public_share

public_unshare

private_share

add_to_mybox

add_to_tag

get_file_info

set_description

get_friends

request_friends

Download, Upload, Overwrite, and new_copy

Box.net authentication

Page Information

Wiki Information

Recent PBwiki Blog Posts