B

Box Platform API

REST discovered

Details
URL
https://api.box.com/2.0
Docs
https://developer.box.com/reference
Authentication
Box OAuth 2.0 platform app client + Box OAuth 2.0 platform app client Authorization: Bearer <credential> discovered
Box OAuth 2.0 platform app client oauth2 Set up OAuth ↗

Create or open an app in the Box Developer Console. Choose a Platform App using Standard OAuth 2.0, set your redirect URI, choose scopes, save changes, then copy the Client ID and Client Secret. Users then authorize via Box OAuth in the browser. For MCP, Box Admin Console can also generate integration credentials with a Client ID and Client Secret for the Box MCP server as documented in Set up the MCP server.

Box Client Credentials Grant app credentials oauth2_cc discovered Set up OAuth ↗
Authorization: Bearer <credential>

In the Box Developer Console, create a Platform Application using Server Authentication (with Client Credentials Grant). Enable 2FA on your Box account if needed to view/copy the secret, authorize the app for your enterprise, then copy the app Client ID and Client Secret. Exchange them at Box's token endpoint to obtain an access token as described in the Client Credentials Grant guide.

Box JWT platform app credentials jwt discovered Get key ↗
Authorization: Bearer <credential>

Create a Platform App in the Box Developer Console using Server Authentication (with JWT). Add a public key or generate a keypair in Box, keep the downloaded private key material, and authorize the app for your enterprise. Use the app's JWT configuration to mint Box access tokens as documented in the JWT auth guide.