Box enterprise and JWT expiry

What is the problem you are having with rclone?

Hello !

I am using the Box remote with an enterprise account.
To authenticate i use a config.json file with the client id, secret, the enterprise id and the private keys.
Authentication works fine and i can list files and directories.

I have a problem when i reach JWT token expiry: token expired and there's no refresh token - manually refresh with "rclone config reconnect box:
According to Box documentation, Enterprise JWT auth does not provide a refresh token and should just request a new one. Token only lasts 1h.

Do you know if it's a bug or if i'm missing something ?
How can i deal with it ?

The problem is that i have a lot of files and my sync lasts more than an hour. Furthermore, I am syncing files to a Shared Gdrive which is very g, so i can't just restart the sync without creating duplicates.

Thanks you for your help
Best regards.

Run the command 'rclone version' and share the full output of the command.

rclone 1.62.2
- os/version: nixos 22.11 (Raccoon) (64 bit)
- os/kernel: 6.2.0 (x86_64)
- os/type: linux
- os/arch: amd64
- go/version: go1.20.2
- go/linking: dynamic
- go/tags: cmount

Which cloud storage system are you using? (eg Google Drive)


The command you were trying to run (eg rclone copy /tmp remote:tmp)

sync 'box:/Folder' 'gdrive:/' --config=rclone.conf --use-json-log --log-format=\"date,time,longfile\" -vvv--tpslimit 10 --tpslimit-burst 10 --retries 5 --retries-sleep 1s --create-empty-src-dirs --fast-list --header="as-user: 1234567"

The rclone config contents with secrets removed.

type = box
client_id = XXXXXX
client_secret = YYYYYY
box_config_file = box_config.json
box_sub_type = enterprise

Then the config gets amended with a token:


A log from the command with the -vv flag

023/03/17 09:20:20 Failed to sync with 80 errors: last error was: failed to open source object: Get "": token expired and there's no refresh token - manually refresh with "rclone config reconnect box:

I had a brief look at the code.

Rclone should renew the JWT token before it expires.

Maybe this renewal isn't working properly?

Can you do your sync with -vv and grep the logs for the word Token - that should tell us what is happening when the token expires.

Also is the time and timezone correct on your computer?