Box Developer Documentation
 

    Application Flow

    Application Flow

    In general, applications use Terms of Services as follows.

    When an application, authenticated as a user, tries to access an item in Box that requires the user to have accepted the relevant Terms of Service it receives a TERMS_OF_SERVICE_REQUIRED error.

    {
      "type": "error",
      "status": 400,
      "code": "terms_of_service_required",
      "context_info": {
        "tos_id": 261346614,
        "tos_user_status_id": 4562456
      },
      "help_url": "https://developer.box.com/guides/api-calls/permissions-and-errors/common-errors/",
      "message": "User must accept custom terms of service before action can be taken",
      "request_id": "ADF7722DD"
    }
    

    The application requests the Terms of Service's information by calling GET /terms_of_services/:id.

    {
      "id": 261346614,
      "type": "terms_of_service",
      "status": "enabled",
      "enterprise": {
        "id": 11446498,
        "type": "enterprise",
        "name": "Acme Inc."
      },
      "tos_type": "managed",
      "text": "By using this service, you agree to ...",
      "created_at": "2012-12-12T10:53:43-08:00",
      "modified_at": "2012-12-12T10:53:43-08:00"
    }
    

    The application can then show the text from the Terms of Service to the user.

    When the user accepts or rejects the terms, it makes a call to either PUT /terms_of_service_user_statuses/:id or POST /terms_of_service_user_statuses depending on if the initial error returned a tos_user_status_id in the response.