From c271778cc0be38fd458e7dc8405a4d4098a931ad Mon Sep 17 00:00:00 2001 From: Shahzad Haider <76992801+shahzadhaider1@users.noreply.github.com> Date: Mon, 22 Sep 2025 19:18:52 +0500 Subject: [PATCH] fix typo fixed small typos in the box developer guide --- .../api-calls/permissions-and-errors/scopes.md | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/content/guides/api-calls/permissions-and-errors/scopes.md b/content/guides/api-calls/permissions-and-errors/scopes.md index 32186419c..8a00c7dfd 100644 --- a/content/guides/api-calls/permissions-and-errors/scopes.md +++ b/content/guides/api-calls/permissions-and-errors/scopes.md @@ -34,10 +34,10 @@ together, see our [security guide][security]. ## Scopes & OAuth 2 authorization When sending a user through a client-side OAuth 2 flow to authorize your -application it is possible to append a set of scopes to the authorization URL to +application, it is possible to append a set of scopes to the authorization URL to further restrict the user's access token. -For example, if you application has the `root_readonly` and `root_readwrite` +For example, if your application has the `root_readonly` and `root_readwrite` scopes enabled, it is possible to restrict a user's access token to `root_readonly` by specifying this scope when redirecting the user. @@ -45,14 +45,14 @@ scopes enabled, it is possible to restrict a user's access token to GET https://account.box.com/api/oauth2/authorize?scope=root_readonly&client_id=.... ``` -When the scope parameter is omitted the application will use the scopes that +When the scope parameter is omitted, the application will use the scopes that were set when the application was created. ## Self-service scopes These scopes are available through the Developer Console when configuring an application. Navigate to the **Application Scopes** section of the -**Configuration** tab and select one or more of the following scope. +**Configuration** tab and select one or more of the following scopes. ### Read all files and folders @@ -160,7 +160,7 @@ application to edit and delete device pins. Although this allows an application to enterprise properties, for client-side -applications, the Access Token used must must be associated with an +applications, the Access Token used must be associated with an Admin Co-Admin with the correct permissions. @@ -282,7 +282,7 @@ For this reason, this scope will not be provisioned unless absolutely necessary. ## Scopes for downscoping -In some cases an Access Token needs to be [downscoped][ds] to a more strict +In some cases, an Access Token needs to be [downscoped][ds] to a more strict permission level, especially when a token needs to be exposed to a client-side, public environment like a browser. The primary example for this is when using [Box UI Elements][ui-elements], which require an Access Token in the user's @@ -342,4 +342,4 @@ The standard OAuth scopes are also supported when downscoping. [suppress]: g://api-calls/suppress-notifications [ds]: g://authentication/tokens/downscope [sa]: page://platform/user-types/#service-account -[ca]: [https://support.box.com/hc/en-us/articles/1500005433721-Users-Groups-Settings#h_01GSE1DYJKTY9EXEWJEDKFHCNV] \ No newline at end of file +[ca]: [https://support.box.com/hc/en-us/articles/1500005433721-Users-Groups-Settings#h_01GSE1DYJKTY9EXEWJEDKFHCNV]