At this point we have application code that will handle traffic from users
visiting, forward them to Okta to login, provide Okta user information, before
finally handing off to a yet to be created handler for Box.
This section will cover the final Box components:
- Validating if an Okta user has an associated Box app user account.
- Creating a new app user for the associated Okta record if they don’t.
- Fetching tokens for the Box user to make user-specific API calls.
Before validating users we need a method for creating an associated Box user
account if one doesn’t already exist for the Okta user.
Validate Okta Users
With the create user functionality defined, let’s turn our attention to
defining the code for validating whether an Okta user record has an associated
Box user record by searching all Box enterprise users for the associated
external_app_user_id.
Make Authenticated Box User Calls
Once an associated Box user is found for the Okta user we’re going to generate
an access token specifically
to make Box
API calls, then make a call to get the current user to ensure that everything
is working and that we have a valid user access token.
Summary
- You’ve validated whether an Okta user exists as a Box user.
- You’ve creating a new app user if they don’t exist.
- You’re making a Box API call for an existing Box user.
Last modified on January 19, 2026