Configure Box

Configure Box

Once we have created a login experience with Okta we need to have a Box application available that will permit us to use the Box APIs to search for and create users that are associated with the Okta user account.

Set up a Box app

Create a new Box app

Create and configure a new Box JWT application to start with a clean user list.

Use an existing approved app

Use one of your existing admin approved Box JWT applications from the Box developer console.

Create a new Box app

To create a new Box application that may be used to call the Box APIs, use the following steps.

  1. Go to the Developer Console
  2. Select Create New App
  3. Select Custom App as the type of application to create, and click Next
  4. Select OAuth 2.0 with JWT as the authentication method, and click Next
  5. Give your Box app a unique name and click Create App
  6. Go to the app's configuration by clicking View Your App.
  7. Scroll to the Application Scopes section of the same screen and ensure that at least the following scopes are enabled:
    • Read and write all files and folders stored in Box
    • Manage Users
  8. Under Advanced Features ensure that both options are enabled to perform actions as users and generate user access tokens.
  9. At the top of the page click the button to Save Changes

Once the application is created it will still need to be approved by an enterprise admin before you will be able to make calls to the Box APIs.

Follow this guide to have the application approved in your enterprise.

Use an Existing JWT Box application

If you have an existing JWT based Box application in your developer console that you would like to use, ensure that the following options are set in the Configuration section of your application.

  • Authentication Method: Should be set to OAuth 2.0 with JWT (Server Authentication).
  • Application Scopes: Set at least the following scopes.
    • Read and write all files and folders stored in Box
    • Manage Users
  • Advanced Features: Both options should be enabled to perform actions as users and generate user access tokens.

Download Required Data

To begin working with the Box SDKs used in this tutorial, you will need the application configuration file from the Configuration page of your application. This will include all information needed to verify your application to start making API requests with the Box SDKs.

Within the Add and Manage Public Keys section of the Configuration page, click to Generate a Public/Private Keypair. This will send you through 2FA verification before downloading the configuration file for your application.

Store that file as config.json in a location accessible by your application.


  • You created a new, or are using an existing, Box app which is approved by an enterprise admin.
  • You downloaded your application configuration file and stored it in a location accessible by your application.