There are two common use-cases for box_auth():

  1. Connecting to accounts from boxr for the first time.

  2. Connecting to previously-connected accounts.

In the first case, you will need to provide box_auth() with client_id and client_secret.

In the second case, you can call box_auth() with no arguments; the function will look for these in your R environment.

To run this function the first time, you will need access to the client_id and client_secret of a Box interactive-app. If you are using a work account, this information might be provided to you by your Box-admin team. If you are using a personal account, you will have to set up a Box interactive-app.

For both cases, these procedures are detailed in this boxr interactive-app article.

  client_id = NULL,
  client_secret = NULL,
  interactive = TRUE,
  cache = "~/.boxr-oauth",



character, the client id for the account to use.


character, the client secret for the account to use.


logical, indicates that the authorization process will be interactive (requiring user input to the R console, and/or a visit to


A logical value or a string. TRUE means to cache using the default cache file .httr-oauth, FALSE means don't cache, and NA means to guess using some sensible heuristics. A string means use the specified path as the cache file.




Other arguments passed to httr::oauth2.0_token().


Invisible NULL, called for side effects.


This function has some side effects which make subsequent calls to box_auth() easier:

  • a browser window may be opened at, for you to authorize to your Box app.

  • a token file is written, according to the value of cache. The default behaviour is to write this file to ~/.boxr-oauth.

  • some global options() are set for your session to manage the token.

  • environment variables BOX_USER_ID, BOX_CLIENT_ID, and BOX_CLIENT_SECRET are set.

  • if these environment variables have changed, and you have the usethis package installed, it will copy some text to your clipboard that you can paste into your .Renviron file.

  • a message is printed to the console.

See also


for authenticating to service-apps.


for details on how tokens are handled.

Box Developers: Setup with OAuth 2.0

documentation for setting up Box (interactive) apps with OAuth 2.0.