Globus Connect Server User Credentials Box Create

Name

globus-connect-server user-credentials box-create - Create Box user credential

Synopsis

globus-connect-server user-credentials box-create STORAGE_GATEWAY_ID [OPTIONS]…​

Description

The globus-connect-server user-credentials box-create command creates a credential to use to access data on collections created on the Box storage gateway indicated by the STORAGE_GATEWAY_ID argument.

This command will only work on Box storage gateways which do not use enterprise credentials. These are created with the --box-client-id and --box-client-secret command-line options.

This command has a single required parameter, --globus-identity, which can be used to specify either the value of the username or id properties of an identity document.

By default, this command assumes that an identity mapping exists which maps the requested globus identity to its username. For example, the identity in the given identity document maps to the username field user@example.org:

{
      "email": "user@example.org",
      "id": "ac63b982-d7c3-4b09-abe7-63766ff8f534",
      "identity_provider": "c523cb22-3f79-4964-91c0-9b4a13ff6b9f",
      "identity_type": "login",
      "name": "Joe User",
      "organization": "Example",
      "status": "used",
      "username": "user@example.org"
}

To override this, use the --mapped-user command-line option. Note that the credential can only be created if the identity mapping is valid for that storage gateway and the caller has permissions to create the credential.

This command will output a URL which the caller must log into using a web browser to create the authorization code that the endpoint can use to obtain a token to access the caller’s box storage. Once the GCS Manager obtains the token, it will display a success web page in the browser used to authenticate.

Options

-h, --help

Show help message and exit.

--version

Show the version and exit.

--globus-identity [UUID|USERNAME]

Globus identity id or username id to associate the credential with

--mapped-user USERNAME

GCSv5 mapped identity username. If not provided, defaults to the Globus identity username

--use-explicit-host IP_ADDRESS

IP address of the GCS node to use for this request. If not specified, any available GCS node in the endpoint will be used.

Example

This example initiates the box authentication flow to generate a token for the endpoint.

globus-connect-server user-credentials box-create --globus-identity user@example.org
To complete credential creation, visit
https://account.box.com/api/oauth2/authorize?client_id=CLIENT&redirect_uri=https%3A%2F%2Fdata.example.org%2Fapi%2Fv1%2Fauthcallback&scope=root_readwrite&access_type=offline&response_type=code&state=JWT_DATA&box_login=user%40example.org