It is possible to for a JWT application to act on behalf of another user
by leveraging the
curl https://api.box.com/2.0/folders/0 \ -H "as-user: [USER_ID]" -H "authorization: Bearer [ACCESS_TOKEN]"
The application must be configured to perform actions as users in the Developer Console.
Additionally, the authenticated user needs to be a user with Admin permissions, meaning either an Admin or Co-Admin. See our guide on User Types for more details.
All of the official Box SDKs support acting on behalf of a user using the