Box · Schema
Token request
A request for a new OAuth 2.0 token
Cloud StorageCollaborationContent ManagementDocumentsEnterpriseFile Sharing
Properties
| Name | Type | Description |
|---|---|---|
| grant_type | string | The type of request being made, either using a client-side obtained authorization code, a refresh token, a JWT assertion, client credentials grant or another access token for the purpose of downscopin |
| client_id | string | The Client ID of the application requesting an access token. Used in combination with `authorization_code`, `client_credentials`, or `urn:ietf:params:oauth:grant-type:jwt-bearer` as the `grant_type`. |
| client_secret | string | The client secret of the application requesting an access token. Used in combination with `authorization_code`, `client_credentials`, or `urn:ietf:params:oauth:grant-type:jwt-bearer` as the `grant_typ |
| code | string | The client-side authorization code passed to your application by Box in the browser redirect after the user has successfully granted your application permission to make API calls on their behalf. Used |
| refresh_token | string | A refresh token used to get a new access token with. Used in combination with `refresh_token` as the `grant_type`. |
| assertion | string | A JWT assertion for which to request a new access token. Used in combination with `urn:ietf:params:oauth:grant-type:jwt-bearer` as the `grant_type`. |
| subject_token | string | The token to exchange for a downscoped token. This can be a regular access token, a JWT assertion, or an app token. Used in combination with `urn:ietf:params:oauth:grant-type:token-exchange` as the `g |
| subject_token_type | string | The type of `subject_token` passed in. Used in combination with `urn:ietf:params:oauth:grant-type:token-exchange` as the `grant_type`. |
| actor_token | string | The token used to create an annotator token. This is a JWT assertion. Used in combination with `urn:ietf:params:oauth:grant-type:token-exchange` as the `grant_type`. |
| actor_token_type | string | The type of `actor_token` passed in. Used in combination with `urn:ietf:params:oauth:grant-type:token-exchange` as the `grant_type`. |
| scope | string | The space-delimited list of scopes that you want apply to the new access token. The `subject_token` will need to have all of these scopes or the call will error with **401 Unauthorized**. |
| resource | string | Full URL for the file that the token should be generated for. |
| box_subject_type | string | Used in combination with `client_credentials` as the `grant_type`. |
| box_subject_id | string | Used in combination with `client_credentials` as the `grant_type`. Value is determined by `box_subject_type`. If `user` use user ID and if `enterprise` use enterprise ID. |
| box_shared_link | string | Full URL of the shared link on the file or folder that the token should be generated for. |
JSON Schema
{
"$schema": "https://json-schema.org/draft/2020-12/schema",
"$id": "#/components/schemas/PostOAuth2Token",
"title": "Token request",
"type": "object",
"description": "A request for a new OAuth 2.0 token",
"required": [
"grant_type"
],
"properties": {
"grant_type": {
"type": "string",
"format": "urn",
"example": "authorization_code",
"description": "The type of request being made, either using a client-side obtained\nauthorization code, a refresh token, a JWT assertion, client credentials\ngrant or another access token for the purpose of downscoping a token.",
"enum": [
"authorization_code",
"refresh_token",
"client_credentials",
"urn:ietf:params:oauth:grant-type:jwt-bearer",
"urn:ietf:params:oauth:grant-type:token-exchange"
]
},
"client_id": {
"type": "string",
"description": "The Client ID of the application requesting an access token.\n\nUsed in combination with `authorization_code`, `client_credentials`, or\n`urn:ietf:params:oauth:grant-type:jwt-bearer` as the `grant_type`.",
"example": "ly1nj6n11vionaie65emwzk575hnnmrk"
},
"client_secret": {
"type": "string",
"description": "The client secret of the application requesting an access token.\n\nUsed in combination with `authorization_code`, `client_credentials`, or\n`urn:ietf:params:oauth:grant-type:jwt-bearer` as the `grant_type`.",
"example": "hOzsTeFlT6ko0dme22uGbQal04SBPYc1"
},
"code": {
"type": "string",
"format": "token",
"description": "The client-side authorization code passed to your application by\nBox in the browser redirect after the user has successfully\ngranted your application permission to make API calls on their\nbehalf.\n\nUsed in combination with `authorization_code` as the `grant_type`.",
"example": "n22JPxrh18m4Y0wIZPIqYZK7VRrsMTWW"
},
"refresh_token": {
"type": "string",
"format": "token",
"description": "A refresh token used to get a new access token with.\n\nUsed in combination with `refresh_token` as the `grant_type`.",
"example": "c3FIOG9vSGV4VHo4QzAyg5T1JvNnJoZ3ExaVNyQWw6WjRsanRKZG5lQk9qUE1BVQ"
},
"assertion": {
"type": "string",
"format": "jwt",
"description": "A JWT assertion for which to request a new access token.\n\nUsed in combination with `urn:ietf:params:oauth:grant-type:jwt-bearer`\nas the `grant_type`.",
"example": "xxxxx.yyyyy.zzzzz"
},
"subject_token": {
"type": "string",
"format": "token",
"description": "The token to exchange for a downscoped token. This can be a regular\naccess token, a JWT assertion, or an app token.\n\nUsed in combination with `urn:ietf:params:oauth:grant-type:token-exchange`\nas the `grant_type`.",
"example": "c3FIOG9vSGV4VHo4QzAyg5T1JvNnJoZ3ExaVNyQWw6WjRsanRKZG5lQk9qUE1BVQ"
},
"subject_token_type": {
"type": "string",
"example": "urn:ietf:params:oauth:token-type:access_token",
"description": "The type of `subject_token` passed in.\n\nUsed in combination with `urn:ietf:params:oauth:grant-type:token-exchange`\nas the `grant_type`.",
"enum": [
"urn:ietf:params:oauth:token-type:access_token"
]
},
"actor_token": {
"type": "string",
"format": "token",
"description": "The token used to create an annotator token.\nThis is a JWT assertion.\n\nUsed in combination with `urn:ietf:params:oauth:grant-type:token-exchange`\nas the `grant_type`.",
"example": "c3FIOG9vSGV4VHo4QzAyg5T1JvNnJoZ3ExaVNyQWw6WjRsanRKZG5lQk9qUE1BVQ"
},
"actor_token_type": {
"type": "string",
"format": "urn",
"example": "urn:ietf:params:oauth:token-type:id_token",
"description": "The type of `actor_token` passed in.\n\nUsed in combination with `urn:ietf:params:oauth:grant-type:token-exchange`\nas the `grant_type`.",
"enum": [
"urn:ietf:params:oauth:token-type:id_token"
]
},
"scope": {
"type": "string",
"format": "space_delimited_list",
"description": "The space-delimited list of scopes that you want apply to the\nnew access token.\n\nThe `subject_token` will need to have all of these scopes or\nthe call will error with **401 Unauthorized**.",
"example": "item_upload item_preview base_explorer"
},
"resource": {
"type": "string",
"format": "url",
"description": "Full URL for the file that the token should be generated for.",
"example": "https://api.box.com/2.0/files/123456"
},
"box_subject_type": {
"type": "string",
"example": "enterprise",
"description": "Used in combination with `client_credentials` as the `grant_type`.",
"enum": [
"enterprise",
"user"
]
},
"box_subject_id": {
"type": "string",
"example": "123456789",
"description": "Used in combination with `client_credentials` as the `grant_type`.\nValue is determined by `box_subject_type`. If `user` use user ID and if\n`enterprise` use enterprise ID."
},
"box_shared_link": {
"type": "string",
"format": "url",
"description": "Full URL of the shared link on the file or folder\nthat the token should be generated for.",
"example": "https://cloud.box.com/s/123456"
}
}
}