New Box App Center (formally App Gallery)
New Box App Center (formally App Gallery)
You can now visit the completely updated Box App Center to find the over 1500+ integrations you already know and love.
Updates
Box App Center provides a modernized catalog of apps and integrations and will be accessible from the Box Web app.
For end-users, the Box App Center makes it smoother to work the way you want to, thanks to the comprehensive selection of ready-to-use integrations from partners such as Microsoft, Zoom, Salesforce, and Slack, to name a few.
For IT leaders and admins, the Box App Center gives your users choice, without sacrificing security or user experience. And it eliminates shadow IT by providing a list of enterprise-approved options.
Box App Center will be part of the Core Box package; The Box App Center is available to all customers today!
Developer Resources
Are you interested in creating applications for the Box App Center or becoming a Box Partner? Check out the Box Partner Resources guides for more information!
Where to get support
Should you have any issues or need further guidance, please post a request to our developer forum for any help needed.
New Endpoints to Manage User Avatars
New Endpoints to Manage User Avatars
Starting today, the User Avatar APIs supports adding, updating, and deleting user avatars.
To create or update a user avatar, call the POST /users-id-avatar endpoint. Remember to include the path to the file you want to upload. If an avatar already exists, it will be replaced with the new photo uploaded.
curl -i -X POST -L https://api.box.net/2.0/users/userID/avatar
-H 'Authorization: Bearer <ACCESS_TOKEN>'
--form 'pic=@"path/to/file/file.jpeg"'
The response includes the user avatar object with URLs to the file location.
To delete a user avatar, call the DELETE /users-id-avatar endpoint:
curl -i -X DELETE -L https://api.box.net/2.0/users/userID/avatar
-H 'Authorization: Bearer <ACCESS_TOKEN>'
Where to get support
Should you have any issues or need further guidance, please post a request to our developer forum for any help needed.
OAuth 2.0 Redirect URL Strict Checking Enabled
OAuth 2.0 Redirect URL Strict Checking Enabled
Today, we turned on strict checking for all OAuth 2.0 applications.
On November 29, 2021, we announced new applications using OAuth 2.0 will require the URIs set in the configuration tab of the Developer Console to strictly match the one used during redirect.
This change has now been completed. If your enterprise had applications that were not following this standard, you should have received four emails over the past few months describing how to update your applications.
How to solve redirect errors
If you did not receive the email or missed the communication, below you will find the steps to mitigate any issues.
- You can change the redirect URL in the Box Developer Console configuration tab for your application. If the URLs are static, then you can update the Developer console to add multiple URLs. If the URLs are dynamic, then update your application to use a static URL or use the state parameter.
- You can change the redirect URL used in your application code to strictly match the URL in the developer console.
For option #1, please use these steps:
- Login to Box as the application owner and navigate to the Box Developer Console
- Click on the application and navigate to the configuration tab
- Scroll down to the "OAuth 2.0 Redirect URI" section
- Update the current URL listed
For option #2, please modify your application code to replace the impacted used URLs to strictly match the URL in the Developer Console.
Updates
- Redirect URIs now force strict checking to match the URI passed in and URIs configured in the OAuth 2.0 application configuration
Where to get support
Should you have any issues or need further guidance, please post a request to our developer forum or file a ticket with Box Support.
Box UI Elements v15.0.0 released
Box UI Elements v15.0.0 released
15.0.0 (2022-05-16)
Bug Fixes & Features
This release fixes several bugs and adds new features. For a full list of changes, please see the release notes.
New Fields Added to Event Specification
New Fields Added to Event Specification
The Event resource specification now includes two new fields:
created_atspecifying when an event was createdrecorded_atspecifying when an event was registered in the database
Updates
- Added new fields
created_atandrecorded_atto the [Event] resource specification 2.
Where to get support
Should you have any issues or need further guidance, please post a request to our developer forum for any help needed.
New Editable Shared Links API
New Editable Shared Links API
Now, developers can make files editable via shared links using the API.
Documentation Updates
- Added a new
can_editvalue to thepermissionsobject for the file, folder, and web link resources - Added a new
shared_link_permission_optionsfield to thefile--fullresource - Added a shared link section for web links in the reference documentation
- Added a permissions page to the shared links guide documentation
- Combined the update and add shared link guide page since they utilize the same PUT endpoint
- Updated code snippets across several shared link pages
Enhancement Details
- Instead of having to collaborate a user into a file to give edit access, you can set the
shared_link.permissions.can_editfield totrue. - The
can_editfield will be returned for all shared link objects on files, folders, and web links; however, you can only set it to true for a file. - Our SDK libraries will gain this feature in the coming quarters.
- If an admin has turned off editable shared links in the admin console, you will not be able to use this feature.
cURL Example
curl -i -X PUT 'https://api.box.com/2.0/files/123456789?fields=shared_link' \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer [ACCESS TOKEN]' \
-d '{
"shared_link": {
"permissions": {
"can_preview": true,
"can_download": true,
"can_edit": true
}
}
}'
Where to get support
Should you have any issues or need further guidance, please post a request to our developer forum for any help needed.
New Field Added to Sign Events Payload
New Field Added to Sign Events Payload
The additional_details Sign Events payload now includes the batch_send field identifying a sign request sent to multiple recipients at once. If such a batch send request exists, the payload also provides its id.
Updates
- Added new field
batch_sendtoadditional_detailspayload for Sign Events.
Where to get support
Should you have any issues or need further guidance, please post a request to our developer forum for any help needed.