Box Developer Documentation

Access token

A token that can be used to make authenticated API calls.

string (token)
c3FIOG9vSGV4VHo4QzAyg5T1JvNnJoZ3ExaVNyQWw6WjRsanRKZG5lQk9qUE1BVQ

The requested access token.

integer (int64)
3600

The time in seconds by which this token will expire.

string (urn)
urn:ietf:params:oauth:token-type:access_token

The type of downscoped access token returned. This is only returned if an access token has been downscoped.

Value is always urn:ietf:params:oauth:token-type:access_token

string (token)
c3FIOG9vSGV4VHo4QzAyg5T1JvNnJoZ3ExaVNyQWw6WjRsanRKZG5lQk9qUE1BVQ

The refresh token for this access token, which can be used to request a new access token when the current one expires.

object array

The permissions that this access token permits, providing a list of resources (files, folders, etc) and the scopes permitted for each of those resources.

The file or folder resource

item_download

The scopes for the resource access

Value is one of annotation_edit,annotation_view_all,annotation_view_self,base_explorer,base_picker,base_preview,base_upload,item_delete,item_download,item_preview,item_rename,item_share,item_upload

string
bearer

The type of access token returned.

Value is always bearer

Response Example

{
  "access_token": "c3FIOG9vSGV4VHo4QzAyg5T1JvNnJoZ3ExaVNyQWw6WjRsanRKZG5lQk9qUE1BVQ",
  "expires_in": 3600,
  "issued_token_type": "urn:ietf:params:oauth:token-type:access_token",
  "refresh_token": "c3FIOG9vSGV4VHo4QzAyg5T1JvNnJoZ3ExaVNyQWw6WjRsanRKZG5lQk9qUE1BVQ",
  "restricted_to": [
    {
      "object": {
        "etag": "1",
        "id": "12345",
        "type": "folder",
        "name": "Contracts",
        "sequence_id": "3"
      },
      "scope": "item_download"
    }
  ],
  "token_type": "bearer"
}