Using Box with JWT (Server Authentication)

@kendomen is correct. Here's some more detail:

Go to api.box.com. Then select Admin Console.

Now this is where it gets funky. Click on the Security step.

Then the fine print.

This gives the tool bar that should have been displayed three steps ago. Click Apps.

Then click on Authorize New App.

This puts up a pop-up where you enter the app key. This is referred to as the "ClientID" in the json file you may have downloaded from Box.com.

The admin of Box has to go to Admin Console -> Enterprise Settings -> Apps and authorize your app.