> ## Documentation Index
> Fetch the complete documentation index at: https://developer.box.com/llms.txt
> Use this file to discover all available pages before exploring further.

# JWT Auth

export const SignupCTA = ({children}) => {
  return <div className="flex flex-wrap items-center gap-4 p-5 rounded-lg border border-gray-200 dark:border-gray-700 my-6" style={{
    background: "linear-gradient(135deg, rgba(0, 97, 213, 0.06), rgba(0, 97, 213, 0.02))"
  }}>
      <div className="flex-1 text-sm leading-relaxed text-gray-700 dark:text-gray-300" style={{
    minWidth: "280px"
  }}>
        {children}
      </div>
      <div className="flex flex-col items-center gap-2">
        <a href="https://account.box.com/signup/developer#ty9l3" className="signup-cta-button inline-flex items-center whitespace-nowrap px-5 py-2 text-sm font-semibold text-white no-underline">
          Get started for free
        </a>
        <a href="https://account.box.com/developers/console" className="signup-cta-login text-xs text-gray-500 dark:text-gray-400 no-underline whitespace-nowrap">
          Already have an account? Log in
        </a>
      </div>
    </div>;
};

export const MultiRelatedLinks = ({sections = []}) => {
  if (!sections || sections.length === 0) {
    return null;
  }
  return <div className="space-y-8">
      {sections.map((section, index) => <RelatedLinks key={index} title={section.title} items={section.items} />)}
    </div>;
};

export const RelatedLinks = ({title, items = []}) => {
  const getBadgeClass = badge => {
    if (!badge) return "badge-default";
    const badgeType = badge.toLowerCase().replace(/\s+/g, "-");
    return `badge-${badge === "ガイド" ? "guide" : badgeType}`;
  };
  if (!items || items.length === 0) {
    return null;
  }
  return <div className="my-8">
      {}
      <h3 className="text-sm font-bold uppercase tracking-wider mb-4">{title}</h3>

      {}
      <div className="flex flex-col gap-3">
        {items.map((item, index) => <a key={index} href={item.href} className="py-2 px-3 rounded related_link hover:bg-[#f2f2f2] dark:hover:bg-[#111827] flex items-center gap-3 group no-underline hover:no-underline border-b-0">
            {}
            <span className={`px-2 py-1 rounded-full text-xs font-semibold uppercase tracking-wide flex-shrink-0 ${getBadgeClass(item.badge)}`}>
              {item.badge}
            </span>

            {}
            <span className="text-base">{item.label}</span>
          </a>)}
      </div>
    </div>;
};

export const Link = ({href, children, className, ...props}) => {
  const localizedHref = href;
  return <a href={localizedHref} className={className} {...props}>
      {children}
    </a>;
};

<RelatedLinks
  title="REQUIRED GUIDES"
  items={[
{ label: translate("Select Auth Method"), href: "/guides/authentication/select", badge: "GUIDE" }
]}
/>

Server-side authentication using JSON Web Tokens (JWT) is the most common way to
authenticate to the Box API. JWT is an [open standard](https://jwt.io/)
designed to allow powerful server-to-server authentication.

<Frame border>
  <img src="https://mintcdn.com/box/J_EwM_J-GUl8Mc67/guides/authentication/jwt/jwt-flow.png?fit=max&auto=format&n=J_EwM_J-GUl8Mc67&q=85&s=af272cc088e06e7530706121bd103a9c" alt="The JWT flow" width="1920" height="1080" data-path="guides/authentication/jwt/jwt-flow.png" />
</Frame>

Server-side authentication using JWT is only available to the Platform Application
<Link href="/guides/applications/platform-apps/index">app type</Link>. This authentication method does not require end-user
interaction and, if granted the proper privileges, can be used
to act on behalf of any user in an enterprise.

There are two ways you can verify an application's permissions:

* using a public and private key pair
* using a client id and client secret (<Link href="/guides/authentication/client-credentials">Client Credentials Grant</Link>)

To learn more about these options visit our guide on using
<Link href="/guides/authentication/jwt/without-sdk">JWT without SDKs</Link>.

Upon authorizing a JWT application in the Box Admin Console, a
<Link href="/platform/user-types/#service-account">Service Account</Link> is automatically generated and is the default
Access Token used when authenticating. This is an admin-like user and why
applications leveraging JWT require explicit Box Admin approval before use.

## When to use JWT

Server-side authentication with JWT is the ideal authentication method for apps
that:

* Work with users that don't have a Box account
* Want to use their own identity system
* Don't want users to have to know that they are using Box
* Want to store data within the application's Box account and not within the the user's Box account

<SignupCTA>
  A free developer account gives you access to the Developer Console, where you can create a JWT application and start authenticating server-to-server in minutes.
</SignupCTA>

<RelatedLinks
  title="RELATED GUIDES"
  items={[
{ label: translate("Platform App"), href: "/guides/applications/platform-apps/index", badge: "GUIDE" },
{ label: translate("Select Auth Method"), href: "/guides/authentication/select", badge: "GUIDE" }
]}
/>