\\
Box REST API based integration: [Documentation Link|https://developer.box.com/reference]\\
\\
----
__⚠️ Proxy Configuration:__ If your server accesses the internet through a proxy, make sure to whitelist the following domains for DropBox Authentication and storage access: __api.box.com__\\
----
__⚠️ Restriction:__\\
- REST API does not support __resume__ on upload\\
- No mdtm (File modification time) changes.\\
- The REST API does not support streaming during upload. For large file uploads (files larger than __25 MB__), CrushFTP temporarily stores the file in the following location: __CrushFTP Install Folder/box/<<box username>>__\\
----
!1. Box Custom App Configuration (JWT Authentication)\\
\\
Create a new __Custom App__ at __Box Developer Console__ ([Box Console Link| https://app.box.com/developers/console]). Select __Custom App__ as the app type to begin configuring your integration with Box services.\\
[attachments|box_create_custom_app.png]\\
\\
CrushFTP uses the __JWT Authentication__ (More info: [Box JWT Link|https://developer.box.com/guides/authentication/jwt/]) method provided by Box, not standard OAuth 2.0. When configuring your __Box application__, make sure to select __JWT-based authentication__ as the authorization method.\\
\\
[attachments|box_jwt_auth.png]\\
\\
In the Custom App’s configuration, select __App + Enterprise Access__ as the authentication method to enable __full access__ for server-side integrations within your Box enterprise environment.\\
\\
[attachments|box_app_access_level.png]\\
\\
Under __Application Scopes__, enable the following permissions by checking the boxes:\\
✅ __Write all files and folders stored in Box__\\
✅ __Manage users__\\
These scopes are required to __allow CrushFTP to upload data__ and interact with Box user accounts on your behalf.\\
\\
[attachments|box_app_scopes.png]\\
\\
In the __Advanced Features__ section, check the box:\\
✅ __Make API calls using the as-user header__\\
This allows the application __to act on behalf of Box users__ within your enterprise using the as-user header.\\
\\
[attachments|box_as_user_header.png]\\
\\
Generate the __RSA keypair__ for __JWT authentication__ by navigating to:\\
__Configuration -> Add and Manage Public Keys__, then click __Generate a Public/Private Keypair__.
It will generate the keypair and display the private key only once — ⚠️ be sure to download and securely store it for later use in your CrushFTP Box JWT configuration.\\
\\
[attachments|box_rsa_keypair.png]\\
\\
Save your __Custom App__ changes: After configuring your Custom App, make sure to __save all__ changes.\\
⚠️  Go to the Authorization tab and click __Review and Submit__to request __Box Admin approval__. This step is required to activate the app and grant it access to your enterprise data.\\
⚠️ __Important__: Any future changes made to the __Custom App__ configuration will require re-authorization. The Box Admin must re-authorize the application after each change to ensure continued functionality.\\
\\
Dwonload JSON file from __Configuration -> App Settings__\\
The JSON file should contains:
{{{
{
  "boxAppSettings": {
    "clientID": "ogXXXXXXXXXXXXXXXX",
    "clientSecret": "laAXXXXXXXXXXXX",
    "appAuth": {
      "publicKeyID": "cgXXXXXXXXX",
      "privateKey": "-----BEGIN ENCRYPTED PRIVATE KEY-----\nXXXXXXXXXXXXXXXXXXXXXnblc=\n-----END ENCRYPTED PRIVATE KEY-----\n",
      "passphrase": "aXXXXXXXXXXXXXXXXXXXXe"
    }
  },
  "enterpriseID": "2XXXXXXXXX5"
}
}}}
\\
!2. Box Remote [VFS] Settings\\
\\
Select the __Box__ remote item type.\\
\\ 
__a.) Use JWT JSON File__\\
\\
__User name__ : Enter the Box login email address of the user you want to impersonate.\\
__JWT config__: Copy and paste the entire content of the JWT configuration __JSON file__ into __this field__. This file was generated when setting up your Box Custom App and contains all required credentials for JWT-based authentication. See above.\\
\\
[attachments|box_vfs_congfig_file.png]\\
\\
__b.)__ __Store JWT JSON file__ is Unchecked:\\
\\
__User name__: Enter the Box login email address of the user you want to impersonate.\\
__Password__: "clientSecret" from the JSON config file\\
__Client Id__: "clientID" from the JSON config file\\
__Enterprise Id__: "enterpriseID" from the JSON config file\\
__Public Key Id__: "publicKeyID" from the JSON config file\\
__Private Key__:  "privateKey" from the JSON config file\\
__Private Key password phrase__: "passphrase" from the JSON config file\\
\\
[attachments|box_vfs_settings.png]\\
\\