The security team at my university finally approved rclone for accessing the university SSO box.com accounts. However, the team that manages the account can’t figure out how to authorize the rclone app. Apparently we need the API key to enable the application, but I’m guessing that this is not something that we should have access to, correct?
Does anyone know how to enable third-party applications on a SSO box.com enterprise account?
If you need the API key then you’ll need to make your own credentials on the box console. You can then put these into rclone when you make the remote as client_id and client_secret.
I don’t have an opinion as to whether this is the correct way to enable SSO on a box enterprise account though!
I have been using rclone with a box enterprise account that uses SSO via OKTA.
The trick is to first launch your browser and go through the SSO to get to box via box’s web interface. Then, once your browser already has a session established with Box and doesn’t need to visit your SSO provider for every new transaction, do the rclone config command and let it us rclone’s own client_id and client_secret. rclone will launch your browser, make sure you select the option to use SSO and provide the email address of the same box account to which you have already logged in, and it should take you to the “accept” page.
A useful writeup! Fancy adding a paragraph to the box docs about it? https://github.com/ncw/rclone/blob/master/docs/content/box.md