Display service account login in JWT app configuration console.
It would be really helpful if the service account login were displayed on the JWT app configuration page. This would make it easy to identify the login without having to run a separate script and would lower the barrier to entry for developing unprivileged BOX JWT apps.
We are making heavy use of service accounts to promote development server/automation-friendly Box apps. Our development model, outlined here (https://github.com/box-community/sample-jwt-app-primer) involves inviting low-privilege service accounts to collaborate on folders. This enables programatic access to Box files on a selective basis.
A major pain point is identifying the login associated with the service account. It currently requires the app developer to run a script that authenticates as the service account, fetches the service account metadata, and prints login to the screen. (Examples of that script are included in the linked repo above.) This is a frequent point of confusion and frustration for our developers, many of whom are working with the Box API for the first time.
We launched a feature that will show the email address of the system generated Service Account for JWT, Client Credentials Grant, and App Token apps. Find this information in the General Settings tab of your app after it has been authorized. For more check out or product update here: https://support.box.com/hc/en-us/articles/1500003965281.
Adminpselvaraj (Admin, Box) commented
+1. Also the current Developer token that could be generated out of the Admin console is confusing and often mistaken for the Service account token
Agreed. The ongoing work to improve the box developer experience is much appreciated, but it still has a ways to go before becoming great.
Chris Mueller commented
We have also experienced this as a barrier at our institution.