/bolt-ai-integration

Bolt.new AI and Box integration: Step-by-Step Guide 2025

Learn how to connect Bolt.new AI with Box in 2026 using a simple step-by-step setup to boost workflow automation and file management.

Book a free  consultation
Matt Graham, CEO of Rapid Developers

Book a call with an Expert

Starting a new venture? Need to upgrade your web app? RapidDev builds application with your growth in mind.

Book a free No-Code consultation

How to integrate Bolt.new AI with Box?

To integrate Bolt.new with Box, you treat Box like any other external API: you authenticate using Box’s real OAuth 2.0 flow or a Box Service Account (via JWT), store the credentials as environment variables inside your Bolt.new project, and call Box’s REST API from your backend routes. Bolt.new itself does not have a “Box integration button”—your backend code performs the integration exactly the same way you would in a normal Node/Express app. In practice, this means you set up an OAuth redirect route or use a JWT-based service account, then use Box’s official SDK or direct HTTPS requests to upload, download, and search files.

 

What “Integrating Bolt.new with Box” Actually Means

 

Bolt.new is just your development workspace. Your actual integration is your backend code calling Box’s API. The steps look like this:

  • You create a Box app inside Box Developer Console.
  • You choose the auth model: OAuth 2.0 (User OAuth) or JWT Service Account.
  • You place the required secrets (client ID, client secret, private key, etc.) into Bolt.new environment variables.
  • Your backend code in Bolt.new installs Box’s SDK (or uses fetch/axios to hit their REST API).
  • You expose backend routes to authorize, upload, list files, etc.

Everything else is normal Node.js API integration.

 

The Two Box Auth Options

 

Box offers two real authentication models:

  • OAuth 2.0 (User login): Users are redirected to Box to approve access. Good for apps where each user manages their own files.
  • JWT + Service Account: Server-to-server integration. No user login. Good for automated systems or org-managed content.

Both work with Bolt.new. Your choice depends on whether a human needs to sign in.

 

Setting Up Box OAuth 2.0

 

Inside developer.box.com:

  • Create a new OAuth 2.0 app.
  • Set the redirect URI to something like https://your-bolt-url/api/box/callback.
  • Copy client ID + client secret into Bolt.new environment variables.

Then in Bolt you install the Box SDK:

 

npm install box-node-sdk

 

Example Express routes for OAuth inside Bolt.new:

 

// boxAuth.js
import express from "express";
import axios from "axios";

const router = express.Router();

// Step 1: Redirect user to Box login
router.get("/auth/box", (req, res) => {
  const authUrl =
    "https://account.box.com/api/oauth2/authorize" +
    `?response_type=code&client_id=${process.env.BOX_CLIENT_ID}` +
    `&redirect_uri=${encodeURIComponent(process.env.BOX_REDIRECT_URI)}`;

  res.redirect(authUrl);
});

// Step 2: Box redirects back with a code
router.get("/auth/box/callback", async (req, res) => {
  const code = req.query.code;

  const tokenUrl = "https://api.box.com/oauth2/token";

  try {
    const response = await axios.post(
      tokenUrl,
      new URLSearchParams({
        grant_type: "authorization_code",
        code: code,
        client_id: process.env.BOX_CLIENT_ID,
        client_secret: process.env.BOX_CLIENT_SECRET,
      })
    );

    // Save the access token somewhere (temporary store, DB, etc.)
    const tokens = response.data;

    res.json(tokens);
  } catch (e) {
    res.status(500).json({ error: e.message });
  }
});

export default router;

 

This is the exact real flow that Box uses. It works inside Bolt because Bolt’s backend container is just Node.js.

 

Service Account / JWT Auth (Server‑to‑Server)

 

If you don’t want user login, Box provides a JWT method. You configure a “Custom App (JWT)” in Box, download a JSON config file, and place the values inside Bolt.new environment variables.

SDK example:

 

// boxServiceAccount.js
import BoxSDK from "box-node-sdk";

const sdk = new BoxSDK({
  clientID: process.env.BOX_CLIENT_ID,
  clientSecret: process.env.BOX_CLIENT_SECRET,
  appAuth: {
    keyID: process.env.BOX_JWT_KID,
    privateKey: process.env.BOX_JWT_PRIVATE_KEY,
    passphrase: process.env.BOX_JWT_PASSPHRASE,
  },
});

const client = sdk.getAppAuthClient("enterprise", process.env.BOX_ENTERPRISE_ID);

export default client;

 

Once you have the client, you can call Box APIs directly:

 

// Upload example
const file = await client.files.uploadFile(
  process.env.BOX_ROOT_FOLDER_ID,
  "example.txt",
  Buffer.from("hello from Bolt")
);

 

Environment Variables in Bolt.new

 

In Bolt.new, you add env vars in the left sidebar under Environment. Box secrets MUST NOT be hardcoded.

  • BOX_CLIENT_ID
  • BOX_CLIENT_SECRET
  • BOX_REDIRECT_URI
  • JWT keys if using service accounts

Bolt automatically injects them into process.env at runtime.

 

Testing Integration in Bolt.new

 

With routes running in Bolt.new, you test like this:

  • Open the built‑in API tester or browser tab.
  • Visit /auth/box to start OAuth, or hit your service-account routes.
  • Confirm upload/list/download calls work (check Box UI to verify files appear).

Bolt.new is fully capable of making real HTTPS calls to Box’s API. There are no special adapters required.

 

Deploying Outside Bolt

 

Once your integration works in Bolt.new, you deploy the same Node.js backend to your real environment (Vercel, Render, AWS, etc.). You simply copy the same environment variables to your production environment.

No code changes are required. Box API works identically.

 

Summary

 

Integrating Bolt.new with Box is simply integrating your backend code with Box’s REST API. Use OAuth or JWT, put credentials in Bolt.new env vars, install the Box SDK, and call the standard Box endpoints. Bolt.new is just your workspace—the integration lives in normal Node.js code that communicates with Box’s real API endpoints.

Want to explore opportunities to work with us?

Connect with our team to unlock the full potential of no-code solutions with a no-commitment consultation!

Book a Free Consultation

Client trust and success are our top priorities

When it comes to serving you, we sweat the little things. That’s why our work makes a big impact.

Rapid Dev was an exceptional project management organization and the best development collaborators I've had the pleasure of working with. They do complex work on extremely fast timelines and effectively manage the testing and pre-launch process to deliver the best possible product. I'm extremely impressed with their execution ability.

CPO, Praction - Arkady Sokolov

May 2, 2023

Working with Matt was comparable to having another co-founder on the team, but without the commitment or cost. He has a strategic mindset and willing to change the scope of the project in real time based on the needs of the client. A true strategic thought partner!

Co-Founder, Arc - Donald Muir

Dec 27, 2022

Rapid Dev are 10/10, excellent communicators - the best I've ever encountered in the tech dev space. They always go the extra mile, they genuinely care, they respond quickly, they're flexible, adaptable and their enthusiasm is amazing.

Co-CEO, Grantify - Mat Westergreen-Thorne

Oct 15, 2022

Rapid Dev is an excellent developer for no-code and low-code solutions.
We’ve had great success since launching the platform in November 2023. In a few months, we’ve gained over 1,000 new active users. We’ve also secured several dozen bookings on the platform and seen about 70% new user month-over-month growth since the launch.

Co-Founder, Church Real Estate Marketplace - Emmanuel Brown

May 1, 2024 

Matt’s dedication to executing our vision and his commitment to the project deadline were impressive. 
This was such a specific project, and Matt really delivered. We worked with a really fast turnaround, and he always delivered. The site was a perfect prop for us!

Production Manager, Media Production Company - Samantha Fekete

Sep 23, 2022