Groups cannot be collaborated via API without Manage groups scope
Users cannot add groups to folders via the API like they can in the UI without special 'manage groups' scope, which is essentially an admin scope. One direct impact with this is that it prevents our mobile app from having invite parity with our web app,
AdminRory Paap
(Admin, Box)
shared this idea
-
Vicenç Cortés Olea
commented
This limitation combined with the 1 million soft limit is really an issue. As we don't want to allow applications to manage groups, they can not collaborate groups into folders and, as soon as you reach the 1 million soft limit per owner, you need to address the folder creation + group collaboration manually. This is not really an elegant solution. Another workaround would be to create enough folders in advance and use it as a pool of folders but the API does not allow to know how many documents are assigned to a user straight away. So... any workardound is actually a quite cumbersome solution.
-
AdminDorota
(Admin, Box)
commented
It's described as a security issue/blocker preventing further development for a multi-national global financial services company using Platform heavily. In this scenario, individual countries sharing the instance within a global setup should not have the ability to accidentally or maliciously make changes to another other country's user group
-
Akihiko Murakami
commented
Additional comments.
I would like general users to be able to invite group members via the API, but there is no way to get the group ID.
I would like to be able to invite by group name at least.追加のコメントです。
一般ユーザーでもAPI経由でグループ招待を許可してほしいですが、その際にグループのIDを取得する方法がありません。
せめてグループ名で招待できるようにして欲しいです。(Edited by admin) -
Akihiko Murakami
commented
I would like this update.
In a huge holding company, the IT staff of each operating company manages folder access rights, but it is impossible to do it manually, so some kind of tool is used.With the current API specification (OAuth), group invitations are not possible, so JWT authentication has to be used, giving excessively high privileges.
If you can invite a group with the same level of authority as the UI with the OAuth authentication API, you can manage access rights with a simple tool without giving excessive authority, which is useful.
Please consider.このアップデートを望んでいます。
巨大なホールディングス企業では各事業会社のIT担当がフォルダのアクセス権管理をしていますが、手作業では無理があるため何らかのツールを使うことになります。現状のAPIの仕様(OAuth)では、グループ招待ができないのでJWT認証を使わざるを得ず、過度に高権限を与えることになる状況です。
OAuth認証のAPIにてUIと同レベルの権限でグループ招待が出来れば、過度な権限を与えずに簡単なツールでアクセス権管理が出来るので有用です。
ご検討ください。(Edited by admin) -
AdminRory Paap
(Admin, Box)
commented
Users cannot add groups to folders via the API like they can in the UI without special 'manage groups' scope, which is essentially an admin scope. One direct impact with this is that it prevents our mobile app from having invite parity with our web app