Skip to content

What problem could Box solve for you?

← Help shape the future of Box

Minimal Downscoped Access Token: Profile Only

Could you add the minimum required permission to the downscope feature that allows access to the user's own profile only?

https://developer.box.com/guides/api-calls/permissions-and-errors/scopes/
ex) profile_readonly

If third-party services can use a token with the least privilege to verify the user's login and EID,
it will help in building a more secure service.

1 vote

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close

We’ll send you updates on this idea

Anonymous shared this idea  ·   ·  Report…  ·  Admin →
How important is this to you?

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment

Help shape the future of Box: Core & Technical Infrastructure

Categories

Feedback and Knowledge Base

(thinking…)

By entering and viewing this page, you agree to be bound by (1) UserVoice Terms of Service and the (2) Box Community Terms of Use. In the event of a direct conflict between the foregoing terms of service with respect to the Box Community Guidelines, Feedback and Suggestions, the Box Community Terms of Use shall take precedence as between you and Box.