OAuth2 issues authorizing to Box

I am using REST snaps to connect to and perform functionality in Box that are not available via Box Snaps. I am having trouble establishing my OAuth2 account. I have my ‘application’ setup in Box to connect to and have the client ID and secret all setup as well as the redirect URI to go to https://elastic.snaplogic.com/api/1/rest/admin/oauth2callback/rest.

When I try to authorize in the account creation in SnapLogic, I get prompted as expected by Box but am then redirected to a SnapLogic error after logging in. The error details state:

“Unable to decrypt property ‘$.settings.client_id’ with key: account-autogen”
“400 Bad Request”

Any ideas?

In Box:
Configuration > OAuth 2.0 Redirect URI = https://elastic.snaplogic.com/api/1/rest/admin/oauth2callback/rest

Integration > Web App Integration > Client Callback URL = https://elastic.snaplogic.com:443/api/1/rest/slsched/feed/Box/Utilities/shared/Box%20Application%20YourDemo%20Task?bearer_token=[your Authorization Token]

In Snaplogic:

OAuth2 Endpoint: https://www.box.com/api/oauth2/authorize
OAuth2 Token: https://www.box.com/api/oauth2/token

Hope this help!

Thank you for the response. I am new to the concept of the Box Integration and am curious if this is necessary. The error I am receiving is while trying to create/authorize a new REST OAuth2 Account in SnapLogic to use when calling Box APIs via the REST Snaps.

Is your response indicating that I need to create a task for my pipeline in order to get the URL and bearer token for the web integration setup? I would like to be able to create the account and run it locally in SnapLogic prior to moving on to the task creation.

Thanks,
Jason

No it isn’t necessary but just in case you want to.

OK. Thanks again for your time and responses. I have referenced your original response and checked my settings in both SnapLogic and Box.

For the Box settings, the Redirect URI looks correct in the application. I have not created a triggered task for this pipeline, so I have not setup anything in the web app integration settings.

For SnapLogic, I have similar oauth2 settings in my account settings - the only difference being that I am pointing to a development instance of Box which uses a sub-domain of box.com.

When I go to authorize the account in SnapLogic, I am prompted to login to Box as expected, however am still receiving the error I quoted in my original post.

Could I be missing something in my administration configuration in Box? Do I need to explicitly grant some type of add the SnapLogic application somewhere? I can connect to the APIs just fine when using the Box developer token.

Do you get this page? Did you checked “Header authenticated” checkbox?

When clicking “Authorize” when creating/editing the user in SnapLogic, I do see the page you included. When I click “Grant access to Box” I am redirected to the URL, https://elastic.snaplogic.com/api/1/rest/admin/oauth2callback/rest which includes a “state” parameter and a “code” parameter. However, the page displays this error below.

{“query_string”: “state=hostname%3Dhttps%3A%2F%2Felastic.snaplogic.com%2Cinstance_id%#############################################&code=##################################”, “path”: “/api/1/rest/admin/oauth2callback/rest”, “response_map”: {“error_list”: [{“message”: “Unable to decrypt property ‘$.settings.client_id’ with key: account-autogen”}]}, “http_status”: “400 Bad Request”, “http_status_code”: 400}

Thanks again for your time and insight!

@jposey, I’m curious, what use case are you trying to enable?

It is NOT fully tested nor feature complete, but I’ve been dabbling on a new Box snap pack to enable more of their API (with 136 snaps!!). I also implemented Box’s JWT account authentication, which allows you to authenticate as either a service account or as an “App User”. If you want to experiment with this let me know (although FYI I’m extremely busy the next two weeks so you may have to prod me).

I’ll also be at Box Works in the late morning and afternoon tomorrow if you’re attending that!

-Andrew

At a high-level, I am trying to upload documents to Box and populate a Box metadata template with values specific to the documents. Box Snaps allow me to upload the document and obtain the Box file ID, but I am having to leverage the Box APIs in order to do the metadata components.

Have you been able to successfully create an oAuth account do leverage within the REST snaps with Box? If so, I’d be interested in if you’ve seen issues similar to what I have asking about in this thread.

For those that have used SnapLogic Box snaps, I have a question about the configuration in Box necessary to be able to create a “Box Account” through SnapLogic. The screens below show that I am choosing to create a “box.com” account in SnapLogic. When entering info and clicking “authorize” I get the error on the second screen.

Capture20171016

Sorry, no I don’t need to use the REST snaps with Box. :expressionless:

WRT to “Disabled by Administrator”, what’s likely happened is your Box administrator at your enterprise has switched to a whitelisted-only form of application permissioning. You’ll need to get the client id of the SnapLogic app added by your admin.

1 Like

Thanks for the feedback. Where do I obtain the client ID of SnapLogic?

@andrew_holbrook

We need to write files to box location via a box service account and are using the same method mentioned in this thread(i.e. via REST API) and are facing the “Disabled by Administrator” error.

can you please let us know about the client ID of snaplogic app and where can we find it.

Hi @Jyoti_Khatanhar, I would recommend reaching out to your TAM and ask them to provide it.

1 Like

@andrew_holbrook
I need to use box service account, could you help me to create JWT account authentication.
Any help will be highly appreciated.
Thanks