An administrator or application, with appropriate permission, should be able to make any arbitrary API call
An administrator or application, with appropriate permission, should be able to make any arbitrary API call (subject to enterprise setting restrictions) for any object or user in the Box enterprise. As an example, forcing a developer to find a folder, collaborate the running user (often using an as-user call on behalf of the folder owner), uploading a file, and then remove that running user is complicated, error prone, and wasteful.
In ECM or platform scenarios in which a large number of files are created, they are often referenced by an id value, rather than something mutable like a name or place in a hierarchy. Consequently, a sufficiently scoped administrator should be able to, given the file or folder id, make any call permitted in the enterprise setting irrespective of the file/folder owner.
E.g. if you have split 100M files across 100 owners for scale purposes, an admin user should be able to download or get info on any one of the 100M files with just the file id.
AdminDan Dennhardt
(Product Manager, Box)
shared this idea
Large Folder support will simplify the architecture. You still will need to collab the service account into the content.