Login
    Contents x
    Box Platform
    • 29 Jun 2023
    • 4 Minutes to read
    • Print
    • Dark
      Light
    • PDF
    Contents

    Box Platform

    • Updated on 29 Jun 2023
    • 4 Minutes to read
    • Print
    • Dark
      Light
    • PDF
    Article Summary

    Box Platform provides data security, file sharing, collaborating, and content management tools. Box Platform provides access to Box APIs.

    Types of Assets Fetched

    This adapter fetches the following types of assets:

    • Users
    • SaaS data

    Parameters

    1. Box Platform enterprise ID (required) - Specify your Box enterprise account ID.
      The Box Platform enterprise ID is located in the Enterprise settings view. Click the Admin Console link from the top of your Box account. Then choose the Gear icon / Enterprise settings. Your Enterprise ID may also be located in the Account and Billing tab of the Admin Console.
    2. Client ID and Box Platform private key configuration file (required) - The Client ID and private key configuration file that provides the Required Permissions to fetch assets.
    3. HTTPS Proxy (optional, default: empty) - A proxy to use when connecting to the value supplied in Box Platform enterprise ID.
      • If supplied, Axonius will utilize the proxy when connecting to the value supplied in Box Platform enterprise ID.
      • If not supplied, Axonius will connect directly to the value supplied in Box Platform enterprise ID.
    4. Username and Password (only used to fetch SaaS data) - The username and the password of Axonius SaaS Management dedicated user credentials.
    5. Login URL (only used to fetch SaaS data) - The URL as it appears in the browser's address bar after signing-in.
    6. 2FA Secret Key (only used to fetch SaaS data) - The secret generated in the adapter for setting up 2-factor authentication for the adapter user created to collect SaaS Management data.

    To learn more about common adapter connection parameters and buttons, see Adding a New Adapter Connection.

    BOXSM

    Advanced Settings

    Note:

    Advanced settings can either apply for all connections for this adapter, or you can set different advanced settings and/or different scheduling for a specific connection, refer to ​Advanced Configuration for Adapters.

    1. Fetch Groups - Select this option to fetch Box groups
    2. Fetch User Last Login Time - Select this option to fetch the last time the user logged in.
    Note:

    To learn more about Adapter Configuration tab advanced settings, see Adapter Advanced Settings.

    APIs

    Axonius uses the Box REST API - List enterprise users.

    Required Permissions

    The following permissions (App Scopes) are required to fetch users

    • Read and write all files and folders stored in Box
      • Manage groups
      • Manage enterprise properties
      • Manage users
      • Manage app users

    The following permissions (App Scopes) are required to fetch SaaS data

    • Manage users
    • Manage groups
    • Manage enterprise properties

    Adapter Integration Setup

    Create a user account

    Note:

    Only required for fetching SaaS data. While to access SaaS data you need to grant roles and/or permissions that include write capabilities, the adapter only actually reads data from the application.

    Note:
    • It is recommended for the username and password to be derived from a newly created user account dedicated for the usage of Axonius SaaS Management. Retrieve the username and password from that user account.
      *When single-sign-on is enabled, and direct login flow is disabled, then it is recommended to derive the username and password from a user account maintained by the single-sign-on solution.
    1. Login into Box as an administrator and navigate to Admin Console > Users & Groups, and then click on the '+ User' button.
    2. Uncheck Allow this user to sync files between Box and the user's desktop.
    3. Click on the Add User button.
    4. Look up for the newly created user, click on its options button, and then click on Change User Settings.
    5. Check Exempt this user from maximum allowed devices.
    6. Check Exempt this user from 2-step login verification.
    7. Check User is granted the following administrative privileges.
    8. Clear the following:
      1. Manage users
      2. Manage groups
      3. View users' content
      4. Edit users' content
      5. Log in to users' accounts
      6. Create, edit and delete automations for your company
      7. Create and edit metadata templates for your company
    9. Check the following:
      1. View settings and apps for your company
      2. Edit settings and apps for your company
      3. Run new reports and access existing reports
      4. View automations set up for your company
    10. Click on the Save button.

    Create an application

    The values supplied in Client ID and Box Platform private key configuration file refer to the generated Client ID and private key configuration file for your Custom App using JWT authentication:

    1. Set up a Custom App - Set up a Custom App using JWT authentication. For details, see Box Guides - Setup with JWT. The following App Scopes are required:
      • Read and write all files and folders stored in Box
      • Manage groups
      • Manage enterprise properties
      • Manage users
      • Manage app users
    2. Create Box Platform private key configuration file - After a Custom App has been created to use JWT authentication, there is an option available in the Developer Console to have Box create a configuration file. This file will include the keypair as well as a number of other application details that are used during authentication.
      1. Click on the "Configuration" option from the left sidebar in your application and scroll down to the "Add and Manage Public Keys" section.
        image.png
      2. Click the "Generate a Public/Private Keypair" button to have Box generate a keypair. This will trigger the download of a JSON configuration file that you can move to your application code.
      3. Upload this file as the Box Platform private key configuration file.
    3. Get Client ID - The Client ID of the application that is requesting to authenticate the user. To get the Client ID for your application:
      1. log in to your Box developer console and click the Edit Application link for the application you're working with.
      2. In the OAuth 2.0 Parameters section of the configuration page, find the item labelled client_id. The text of that item is your application's Client ID.
    What's Next
    Change password!
    Changing your password will log you out immediately. Use the new password to log back in.
    Change profile
    Success!
    First name must have atleast 2 characters. Numbers and special characters are not allowed.
    Last name must have atleast 1 characters. Numbers and special characters are not allowed.
    Enter a valid email
    Enter a valid password
    Your profile has been successfully updated.
    Logout