A Managed User is the most regular Box user. It's an employee of an enterprise that can log in to the Box web and mobile apps. There are a few variations of Managed Users.
A Managed User with an admin or co-admin role is often referred to as an Admin User.
The admin and co-admins for a Box Enterprise are the maintainers of the Box instance and therefore are granted more access than a regular user. This means that Admin Users can manage some resources like groups, users, and metadata templates via the API, while regular Managed Users can not.
An externally managed user, or External User, is a Managed User that belongs to a different enterprise than the application.
External users are often encountered when they are collaborated in on content owned by a user of the application's enterprise, or when they authorize your application via OAuth 2.0.
As External Users do not belong to the application's enterprise they don't appear when retrieving a list of all users for an enterprise. Similarly, applications can not create, edit, or otherwise manage External Users.
There are a few limitations when using Managed Users via the Box API.
- It is not possible to access or a Managed User's data when using JWT authentication unless the application has been configured to have "Enterprise"-level "Application Access" in the developer dashboard.
- It is not possible to act on behalf of a Managed User's when using JWT authentication unless the application has been configured to "Perform Actions as Users" or "Generate User Access Tokens".