box · lukaszsocha2 · Dec 21, 2023 · Nov 28, 2023 · Nov 28, 2023 · Dec 4, 2023
diff --git a/docs/authentication.md b/docs/authentication.md
@@ -14,6 +14,7 @@
     - [Switching between Service Account and User](#switching-between-service-account-and-user)
   - [OAuth 2.0 Auth](#oauth-20-auth)
     - [Authentication with OAuth2](#authentication-with-oauth2)
+    - [Revoking tokens](#revoking-tokens)
     - [Downscoping tokens](#downscoping-tokens)
 - [Token storage](#token-storage)
   - [In-memory token storage](#in-memory-token-storage)
@@ -312,17 +313,26 @@ await oauth.revokeTokens();
 
 You can exchange a client's access token for one with a lower scope, in order
 to restrict the permissions for a child client or to pass to a less secure
-location (e.g. a browser-based app). This method is only available for OAuth2 clients.
+location (e.g. a browser-based app).
 
-For example to exchange the client's token for one with scopes to upload and delete items, but not to view their contents, which would be suitable for an less-trusted server-side process; use the following code:
+A downscoped token does not include a refresh token.
+In that case, to get a new downscoped token, refresh the original refresh token and use that new token to get a downscoped token.
+
+More information about downscoping tokens can be found [here](https://developer.box.com/guides/authentication/tokens/downscope/).
+If you want to learn more about available scopes please go [here](https://developer.box.com/guides/api-calls/permissions-and-errors/scopes/#scopes-for-downscoping).
+
+For example to exchange the token for a new token with only `item_preview` scope, restricted to a single file, suitable for the [Content Preview UI Element](https://developer.box.com/en/guides/embed/ui-elements/preview/) you can the following code:
 
 <!-- sample post_oauth2_token downscope_token -->
 
 ```js
-let accessToken = await oauth.downscopeToken(['item_upload', 'item_delete']);
+let resource = 'https://api.box.com/2.0/files/123456789';
+let accessToken = await oauth.downscopeToken(['item_preview'], resource);
 // accessToken contains the new downscoped access token
 ```
 
+This method is only available for OAuth2 clients.
+
 # Token storage
 
 ## In-memory token storage

diff --git a/docs/authorization.md b/docs/authorization.md
@@ -1,6 +1,9 @@
 # AuthorizationManager
 
 - [Authorize user](#authorize-user)
+- [Request access token](#request-access-token)
+- [Refresh access token](#refresh-access-token)
+- [Revoke access token](#revoke-access-token)
 
 ## Authorize user
 
@@ -12,19 +15,19 @@ OAuth 2.0. To request a user's authorization to use the Box APIs
 on their behalf you will need to send a user to the URL with this
 format.
 
-This operation is performed by calling function `getAuthorize`.
+This operation is performed by calling function `authorizeUser`.
 
 See the endpoint docs at
 [API Reference](https://developer.box.com/reference/get-authorize/).
 
-_Currently we don't have an example for calling `getAuthorize` in integration tests_
+_Currently we don't have an example for calling `authorizeUser` in integration tests_
 
 ### Arguments
 
-- queryParams `GetAuthorizeQueryParamsArg`
-  - Query parameters of getAuthorize method
-- headers `GetAuthorizeHeadersArg`
-  - Headers of getAuthorize method
+- queryParams `AuthorizeUserQueryParams`
+  - Query parameters of authorizeUser method
+- headers `AuthorizeUserHeaders`
+  - Headers of authorizeUser method
 - cancellationToken `undefined | CancellationToken`
   - Token used for request cancellation.
 
@@ -33,3 +36,97 @@ _Currently we don't have an example for calling `getAuthorize` in integration te
 This function returns a value of type `undefined`.
 
 Does not return any data, but rather should be used in the browser.
+
+## Request access token
+
+Request an Access Token using either a client-side obtained OAuth 2.0
+authorization code or a server-side JWT assertion.
+
+An Access Token is a string that enables Box to verify that a
+request belongs to an authorized session. In the normal order of
+operations you will begin by requesting authentication from the
+[authorize](#get-authorize) endpoint and Box will send you an
+authorization code.
+
+You will then send this code to this endpoint to exchange it for
+an Access Token. The returned Access Token can then be used to to make
+Box API calls.
+
+This operation is performed by calling function `requestAccessToken`.
+
+See the endpoint docs at
+[API Reference](https://developer.box.com/reference/post-oauth-2-token/).
+
+_Currently we don't have an example for calling `requestAccessToken` in integration tests_
+
+### Arguments
+
+- requestBody `PostOAuth2Token`
+  - Request body of requestAccessToken method
+- headers `RequestAccessTokenHeaders`
+  - Headers of requestAccessToken method
+- cancellationToken `undefined | CancellationToken`
+  - Token used for request cancellation.
+
+### Returns
+
+This function returns a value of type `AccessToken`.
+
+Returns a new Access Token that can be used to make authenticated
+API calls by passing along the token in a authorization header as
+follows `Authorization: Bearer <Token>`.
+
+## Refresh access token
+
+Refresh an Access Token using its client ID, secret, and refresh token.
+
+This operation is performed by calling function `refreshAccessToken`.
+
+See the endpoint docs at
+[API Reference](https://developer.box.com/reference/post-oauth-2-token-refresh/).
+
+_Currently we don't have an example for calling `refreshAccessToken` in integration tests_
+
+### Arguments
+
+- requestBody `PostOAuth2TokenRefreshAccessToken`
+  - Request body of refreshAccessToken method
+- headers `RefreshAccessTokenHeaders`
+  - Headers of refreshAccessToken method
+- cancellationToken `undefined | CancellationToken`
+  - Token used for request cancellation.
+
+### Returns
+
+This function returns a value of type `AccessToken`.
+
+Returns a new Access Token that can be used to make authenticated
+API calls by passing along the token in a authorization header as
+follows `Authorization: Bearer <Token>`.
+
+## Revoke access token
+
+Revoke an active Access Token, effectively logging a user out
+that has been previously authenticated.
+
+This operation is performed by calling function `revokeAccessToken`.
+
+See the endpoint docs at
+[API Reference](https://developer.box.com/reference/post-oauth-2-revoke/).
+
+_Currently we don't have an example for calling `revokeAccessToken` in integration tests_
+
+### Arguments
+
+- requestBody `PostOAuth2Revoke`
+  - Request body of revokeAccessToken method
+- headers `RevokeAccessTokenHeaders`
+  - Headers of revokeAccessToken method
+- cancellationToken `undefined | CancellationToken`
+  - Token used for request cancellation.
+
+### Returns
+
+This function returns a value of type `undefined`.
+
+Returns an empty response when the token was successfully revoked.
diff --git a/docs/avatars.md b/docs/avatars.md
@@ -23,7 +23,7 @@ await client.avatars.getUserAvatar(user.id);
 
 - userId `string`
   - The ID of the user. Example: "12345"
-- headers `GetUserAvatarHeadersArg`
+- headers `GetUserAvatarHeaders`
   - Headers of getUserAvatar method
 - cancellationToken `undefined | CancellationToken`
   - Token used for request cancellation.
@@ -54,16 +54,16 @@ await client.avatars.createUserAvatar(user.id, {
   ),
   picContentType: 'image/png',
   picFileName: 'avatar.png',
-} satisfies CreateUserAvatarRequestBodyArg);
+} satisfies CreateUserAvatarRequestBody);
 ```
 
 ### Arguments
 
 - userId `string`
   - The ID of the user. Example: "12345"
-- requestBody `CreateUserAvatarRequestBodyArg`
+- requestBody `CreateUserAvatarRequestBody`
   - Request body of createUserAvatar method
-- headers `CreateUserAvatarHeadersArg`
+- headers `CreateUserAvatarHeaders`
   - Headers of createUserAvatar method
 - cancellationToken `undefined | CancellationToken`
   - Token used for request cancellation.
@@ -96,7 +96,7 @@ await client.avatars.deleteUserAvatar(user.id);
 
 - userId `string`
   - The ID of the user. Example: "12345"
-- headers `DeleteUserAvatarHeadersArg`
+- headers `DeleteUserAvatarHeaders`
   - Headers of deleteUserAvatar method
 - cancellationToken `undefined | CancellationToken`
   - Token used for request cancellation.

diff --git a/docs/chunkedUploads.md b/docs/chunkedUploads.md
@@ -25,9 +25,9 @@ _Currently we don't have an example for calling `createFileUploadSession` in int
 
 ### Arguments
 
-- requestBody `CreateFileUploadSessionRequestBodyArg`
+- requestBody `CreateFileUploadSessionRequestBody`
   - Request body of createFileUploadSession method
-- headers `CreateFileUploadSessionHeadersArg`
+- headers `CreateFileUploadSessionHeaders`
   - Headers of createFileUploadSession method
 - cancellationToken `undefined | CancellationToken`
   - Token used for request cancellation.
@@ -53,9 +53,9 @@ _Currently we don't have an example for calling `createFileUploadSessionForExist
 
 - fileId `string`
   - The unique identifier that represents a file. The ID for any file can be determined by visiting a file in the web application and copying the ID from the URL. For example, for the URL `https://*.app.box.com/files/123` the `file_id` is `123`. Example: "12345"
-- requestBody `CreateFileUploadSessionForExistingFileRequestBodyArg`
+- requestBody `CreateFileUploadSessionForExistingFileRequestBody`
   - Request body of createFileUploadSessionForExistingFile method
-- headers `CreateFileUploadSessionForExistingFileHeadersArg`
+- headers `CreateFileUploadSessionForExistingFileHeaders`
   - Headers of createFileUploadSessionForExistingFile method
 - cancellationToken `undefined | CancellationToken`
   - Token used for request cancellation.
@@ -81,7 +81,7 @@ _Currently we don't have an example for calling `getFileUploadSessionById` in in
 
 - uploadSessionId `string`
   - The ID of the upload session. Example: "D5E3F7A"
-- headers `GetFileUploadSessionByIdHeadersArg`
+- headers `GetFileUploadSessionByIdHeaders`
   - Headers of getFileUploadSessionById method
 - cancellationToken `undefined | CancellationToken`
   - Token used for request cancellation.
@@ -109,7 +109,7 @@ _Currently we don't have an example for calling `uploadFilePart` in integration
   - The ID of the upload session. Example: "D5E3F7A"
 - requestBody `ByteStream`
   - Request body of uploadFilePart method
-- headers `UploadFilePartHeadersArg`
+- headers `UploadFilePartHeaders`
   - Headers of uploadFilePart method
 - cancellationToken `undefined | CancellationToken`
   - Token used for request cancellation.
@@ -137,7 +137,7 @@ _Currently we don't have an example for calling `deleteFileUploadSessionById` in
 
 - uploadSessionId `string`
   - The ID of the upload session. Example: "D5E3F7A"
-- headers `DeleteFileUploadSessionByIdHeadersArg`
+- headers `DeleteFileUploadSessionByIdHeaders`
   - Headers of deleteFileUploadSessionById method
 - cancellationToken `undefined | CancellationToken`
   - Token used for request cancellation.
@@ -165,9 +165,9 @@ _Currently we don't have an example for calling `getFileUploadSessionParts` in i
 
 - uploadSessionId `string`
   - The ID of the upload session. Example: "D5E3F7A"
-- queryParams `GetFileUploadSessionPartsQueryParamsArg`
+- queryParams `GetFileUploadSessionPartsQueryParams`
   - Query parameters of getFileUploadSessionParts method
-- headers `GetFileUploadSessionPartsHeadersArg`
+- headers `GetFileUploadSessionPartsHeaders`
   - Headers of getFileUploadSessionParts method
 - cancellationToken `undefined | CancellationToken`
   - Token used for request cancellation.
@@ -194,9 +194,9 @@ _Currently we don't have an example for calling `createFileUploadSessionCommit`
 
 - uploadSessionId `string`
   - The ID of the upload session. Example: "D5E3F7A"
-- requestBody `CreateFileUploadSessionCommitRequestBodyArg`
+- requestBody `CreateFileUploadSessionCommitRequestBody`
   - Request body of createFileUploadSessionCommit method
-- headers `CreateFileUploadSessionCommitHeadersArg`
+- headers `CreateFileUploadSessionCommitHeaders`
   - Headers of createFileUploadSessionCommit method
 - cancellationToken `undefined | CancellationToken`
   - Token used for request cancellation.
@@ -227,6 +227,10 @@ _Currently we don't have an example for calling `reducer` in integration tests_
 - chunk `ByteStream`
   -
 
+### Returns
+
+This function returns a value of type `PartAccumulator`.
+
 ##
 
 This operation is performed by calling function `uploadBigFile`.
@@ -257,3 +261,7 @@ await client.chunkedUploads.uploadBigFile(
   - The ID of the folder where the file should be uploaded.
 - cancellationToken `undefined | CancellationToken`
   - Token used for request cancellation.
+
+### Returns
+
+This function returns a value of type `FileFull`.
diff --git a/docs/classifications.md b/docs/classifications.md
@@ -27,7 +27,7 @@ await client.classifications.getClassificationTemplate();
 
 ### Arguments
 
-- headers `GetClassificationTemplateHeadersArg`
+- headers `GetClassificationTemplateHeaders`
   - Headers of getClassificationTemplate method
 - cancellationToken `undefined | CancellationToken`
   - Token used for request cancellation.
@@ -59,27 +59,27 @@ See the endpoint docs at
 ```ts
 await client.classifications.addClassification([
   {
-    op: 'addEnumOption' as AddClassificationRequestBodyArgOpField,
+    op: 'addEnumOption' as AddClassificationRequestBodyOpField,
     fieldKey:
-      'Box__Security__Classification__Key' as AddClassificationRequestBodyArgFieldKeyField,
+      'Box__Security__Classification__Key' as AddClassificationRequestBodyFieldKeyField,
     data: {
       key: getUuid(),
       staticConfig: {
         classification: {
-          colorId: 3,
-          classificationDefinition: 'Some description',
-        } satisfies AddClassificationRequestBodyArgDataFieldStaticConfigFieldClassificationField,
-      } satisfies AddClassificationRequestBodyArgDataFieldStaticConfigField,
-    } satisfies AddClassificationRequestBodyArgDataField,
-  } satisfies AddClassificationRequestBodyArg,
+          colorId: 4,
+          classificationDefinition: 'Other description',
+        } satisfies AddClassificationRequestBodyDataStaticConfigClassificationField,
+      } satisfies AddClassificationRequestBodyDataStaticConfigField,
+    } satisfies AddClassificationRequestBodyDataField,
+  } satisfies AddClassificationRequestBody,
 ]);
 ```
 
 ### Arguments
 
-- requestBody `readonly AddClassificationRequestBodyArg[]`
+- requestBody `readonly AddClassificationRequestBody[]`
   - Request body of addClassification method
-- headers `AddClassificationHeadersArg`
+- headers `AddClassificationHeaders`
   - Headers of addClassification method
 - cancellationToken `undefined | CancellationToken`
   - Token used for request cancellation.
@@ -111,28 +111,28 @@ See the endpoint docs at
 ```ts
 await client.classifications.updateClassification([
   {
-    op: 'editEnumOption' as UpdateClassificationRequestBodyArgOpField,
+    op: 'editEnumOption' as UpdateClassificationRequestBodyOpField,
     fieldKey:
-      'Box__Security__Classification__Key' as UpdateClassificationRequestBodyArgFieldKeyField,
+      'Box__Security__Classification__Key' as UpdateClassificationRequestBodyFieldKeyField,
     enumOptionKey: classification.key,
     data: {
       key: updatedClassificationName,
       staticConfig: {
         classification: {
           colorId: 2,
           classificationDefinition: updatedClassificationDescription,
-        } satisfies UpdateClassificationRequestBodyArgDataFieldStaticConfigFieldClassificationField,
-      } satisfies UpdateClassificationRequestBodyArgDataFieldStaticConfigField,
-    } satisfies UpdateClassificationRequestBodyArgDataField,
-  } satisfies UpdateClassificationRequestBodyArg,
+        } satisfies UpdateClassificationRequestBodyDataStaticConfigClassificationField,
+      } satisfies UpdateClassificationRequestBodyDataStaticConfigField,
+    } satisfies UpdateClassificationRequestBodyDataField,
+  } satisfies UpdateClassificationRequestBody,
 ]);
 ```
 
 ### Arguments
 
-- requestBody `readonly UpdateClassificationRequestBodyArg[]`
+- requestBody `readonly UpdateClassificationRequestBody[]`
   - Request body of updateClassification method
-- headers `UpdateClassificationHeadersArg`
+- headers `UpdateClassificationHeaders`
   - Headers of updateClassification method
 - cancellationToken `undefined | CancellationToken`
   - Token used for request cancellation.
@@ -164,9 +164,9 @@ _Currently we don't have an example for calling `createClassificationTemplate` i
 
 ### Arguments
 
-- requestBody `CreateClassificationTemplateRequestBodyArg`
+- requestBody `CreateClassificationTemplateRequestBody`
   - Request body of createClassificationTemplate method
-- headers `CreateClassificationTemplateHeadersArg`
+- headers `CreateClassificationTemplateHeaders`
   - Headers of createClassificationTemplate method
 - cancellationToken `undefined | CancellationToken`
   - Token used for request cancellation.