Connect Okta identities to Box App Users in a web app

Okta is a popular access management and identity platform used by companies to provide a unified method for managing and authenticating into multiple applications with a single set of credentials and a single secure dashboard.

When connected to a custom Box application, the Okta APIs may be used to provide a single login mechanism to identify users within the Box application, allowing you to have a unified experience between your unified identity system (Okta) and the Box APIs.

Overview

This quick start guide will walk you through how to programmatically use Okta to log in to a Box application, provision an app user in Box that is linked to the Okta user, then make Box API calls on behalf of that user.

This will take you through the following steps.

1. Scaffold your application code so that we have a web application that we can log in to.
2. Setup and configure your Okta application and create a first user that we can use to log into the web app with, and eventually create a Box account for.
3. Setup and configure your Box application so that we can connect your web application to Box.
4. Create a log in flow for your application, allowing the Okta user to log in to your web application.
5. Find an existing Box user, and optionally create a Box user the first time that Okta user logs into your web application.
6. And finally, run the application and the see the complete flow in action.

At the end of the tutorial we will output a single message to the browser. If this is the first time an Okta user logs in to Box via the application, an associated Box user will be created and the message New user created: {{USERNAME}} will be output to the browser.

When attempting to log in with this user in subsequent attempts, a message stating Hello {{USERNAME}} will now be output to the browser.