App Auth和应用程序用户（正式称为 Box平台）实际上是白标版本的Box。我是这样想的：我们知道它是软件即服务的盒子。它提供了一个Web应用程序，移动应用程序以及所有装饰。 Box Platform是构建SaaS的平台层，可提供基于API的用户/内容/评论/协作/等管理。借助Box Platform，您可以在围墙花园中构建可以利用API所有功能的应用程序，而不能使用 Box应用程序。

App Auth and App Users -- which is officially called Box Platform -- is essentially a white-labeled version of Box. I think of it this way: "Box" as we know it is software-as-a-service. It offers a web app, mobile apps, and all the trimmings. Box Platform is the platform layer upon which the SaaS is built, providing API-based management of users/content/comments/collaborations/etc. With Box Platform you have a walled garden in which you can build apps that leverage all the features of the APIs, but are not otherwise "Box apps."

我基本上是在考虑构建一个将使用Box存储将订阅我们服务的用户数据的应用程序。我们的服务将允许每个用户访问和查看他们的数据。

I'm basically thinking about building an app that would use Box to store data of users that would subscribe to our service. Our service would allow each user to access and view their data.

这是一个合适的用例。使用Box Platform，您将成为Box企业以及其中包含的所有帐户和数据的所有者和管理员。

This is an appropriate use case. With Box Platform you will be the owner and administrator of a Box enterprise and all the accounts and data contained within.

如果我的帐户基本上拥有所有已订阅用户的数据，我是否可以使用企业访问令牌作为身份验证的基础而使用用户帐户令牌限制用户只能查看其特定子目录中的数据。还是我必须为每个用户拥有一个具有自己的api密钥的唯一帐户？

If I have an account that basically owns the data of all the subscribed users, can I use the enterprise access token as a base for authentication while using the user account token to restrict the user to only viewing the data from their specific sub directory. Or do I have to have a unique account with its own api key for every user?

我认为创建唯一帐户通常最干净针对每个用户，而不是在admin帐户中为用户提供特殊的子目录。从那里，您可以使用App Auth工作流来获取特定于该用户的访问令牌。

I think it's generally cleanest to create unique accounts for each user as opposed to giving users a special subdirectory in the admin account. From there you can use the App Auth workflow to get an access token specific to that user.