Skip to main content

Have a Box Source setup to read files from a folder but can’t upload a file. Getting this error.


{“type”:“error”,“status”:403,“code”:“cors_origin_not_whitelisted”,“context_info”:{“origin”:“https://skuid.na74.visual.force.com”},“help_url”:“http://developers.box.com/docs/#errors",“message”:"Access denied - Did you forget to whitelist your origin in the CORS config of your app?”,“request_id”:“fg05e1fx6scsld0s”}


The documentation call to setup CORS with the following template url:
http://Ryour_Salesforce_org].tSalesforce_region].visual.force.com


What is oyour_Salesforce_org] and 

I’m not sure that the documentation is accurate in this regard. The URL that you need to add a CORS Whitelist entry for is the one that Box is sending back in the “origin” parameter: https://skuid.na74.visual.force.com

Go to Salesforce Setup, and search for CORS. Add a new CORS Whitelist entry for the domain: https://skuid.na74.visual.force.com


I think the CORS entry goes in the newly created Box app. Sending to client Box admin to try right now.


That is true, you will need to set it up there as well. 

On another note, if you try to use Box from Skuid in Lightning, you will need to add a “CSP Trusted Site” in Salesforce as well for the Box API domain.


Success! The documentation page needs updating though. 😉


Thanks for bringing this to our attention, Pat, we’ll take a look at the docs and update accordingly.