Skip to content

Garrett Flora

← Customer Feedback for Box

My feedback

1 result found

  1. Allow service accounts to initiate Relay workflows via the Box API

    17 votes

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    1 comment  ·  Help shape the future of Box » Workflow  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close
    Garrett Flora supported this idea  · 
    An error occurred while saving the comment
    Garrett Flora commented  · 

    We have a use case at the University of Arizona that requires the Workflow API to:
    1. Allow a service account to create a workflow and/or allow a user to create and share a workflow with a service account.
    2. Allow a service account to start any workflow that it owns, or co-owns.

    The API currently allows a service account to access the 'Starts workflow based on request body' (https://developer.box.com/reference/post-workflows-id-start/) endpoint. but doesn't allow a service account to own, or co-own, a workflow, which prevents the service account from utilizing said endpoint. Using the as-user header and/or user access token provides too broad of a level of access for a service account, representing a security hole, as it can kick off workflows owned by anybody in our enterprise.

Feedback and Knowledge Base

(thinking…)

By entering and viewing this page, you agree to be bound by (1) UserVoice Terms of Service and the (2) Box Community Terms of Use. In the event of a direct conflict between the foregoing terms of service with respect to the Box Community Guidelines, Feedback and Suggestions, the Box Community Terms of Use shall take precedence as between you and Box.