This is version 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 . It is not the current version, and thus it cannot be edited.
[Back to current version]   [Restore this version]

Box REST API based integration: Documentation Link

---

⚠️ Proxy Configuration: If your server accesses the internet through a proxy, make sure to whitelist the following domains for DropBox Authentication and storage access: api.box.com

---

⚠️ Restriction:
- REST API does not support resume on upload
- No mdtm (File modification time) changes.
- The REST API does not support streaming during upload. For large file uploads (files larger than 25 MB), CrushFTP temporarily stores the file in the following location: CrushFTP Install Folder/box/<<box username>>

---

Create a new Custom App at Box Developer Console (Box Console Link). Select Custom App as the app type to begin configuring your integration with Box services.


CrushFTP uses the JWT Authentication (More info: Box JWT Link) method provided by Box, not standard OAuth 2.0. When configuring your Box application, make sure to select JWT-based authentication as the authorization method.



In the Custom App’s configuration, select App + Enterprise Access as the authentication method to enable full access for server-side integrations within your Box enterprise environment.



Under Application Scopes, enable the following permissions by checking the boxes:
✅ Write all files and folders stored in Box
✅ Manage users
These scopes are required to allow CrushFTP to upload data and interact with Box user accounts on your behalf.



Check the "Make API calls using the as-user header" checkbox at Advanced Features



Generate the RSA keypair for JWT at Configuration -> Add and Manage Public Keys



Save your Custom App changes.

At Authorization tab : Review and submit for app approval. Requires Box admin approval.
Important!!! : Any change on Custom App configurations requires reauthorization. The box admin needs to re-authorize your Custom Application.

Dwonload JSON file from Configuration -> App Settings
The JSON file should contains:

{
  "boxAppSettings": {
    "clientID": "ogXXXXXXXXXXXXXXXX",
    "clientSecret": "laAXXXXXXXXXXXX",
    "appAuth": {
      "publicKeyID": "cgXXXXXXXXX",
      "privateKey": "-----BEGIN ENCRYPTED PRIVATE KEY-----\nXXXXXXXXXXXXXXXXXXXXXnblc=\n-----END ENCRYPTED PRIVATE KEY-----\n",
      "passphrase": "aXXXXXXXXXXXXXXXXXXXXe"
    }
  },
  "enterpriseID": "2XXXXXXXXX5"
}

Configuration: On CrushFTP at remote connection settings:

1. If flag "Store JWT JSON file" is checked.

User name : - box login user name
JWT config: - Copy the entire JWT config JSON file content to the input field.



2. "Store JWT JSON file" is unchecked:

User name : - box login user name
Password: - "clientSecret" from the JSON config file
Client Id: - "clientID" from the JSON config file
Enterprise Id: - "enterpriseID" from the JSON config file
Public Key Id: - "publicKeyID" from the JSON config file
Private Key: - "privateKey" from the JSON config file
Private Key password phrase: - "passphrase" from the JSON config file