Box Platform

Box Platform provides data security, file sharing, collaborating, and content management tools. Box Platform provides access to Box APIs.

Types of Assets Fetched

This adapter fetches the following types of assets:

• Users
• SaaS data
  
  

Parameters

1. Box Platform enterprise ID (required) - Specify your Box enterprise account ID.
   The Box Platform enterprise ID is located in the Enterprise settings view. Click the Admin Console link from the top of your Box account. Then choose the Gear icon / Enterprise settings. Your Enterprise ID may also be located in the Account and Billing tab of the Admin Console.

2. Client ID and Box Platform private key configuration file (required) - The Client ID and private key configuration file that provides the Required Permissions to fetch assets.

3. HTTPS Proxy (optional) - Connect the adapter to a proxy instead of directly connecting it to the domain.

4. Box Login URL (only used to fetch SaaS data) - The URL as it appears in the browser's address bar after signing-in.

5. Username and Password (only used to fetch SaaS data) - The username and the password of Axonius SaaS Management dedicated user credentials.

6. 2FA Secret Key (only used to fetch SaaS data) - The secret generated in the adapter for setting up 2-factor authentication for the adapter user created to collect SaaS Management data.

7. Use SSO - (only used to fetch SaaS data) - Select this option if your organization uses SSO to log in to Box Platform. When you check Use SSO enter the SSO username, password, and the 2FA from the SSO provider, in these configuration fields, instead of BOX credentials.

To learn more about common adapter connection parameters and buttons, see Adding a New Adapter Connection.

Advanced Settings

1. Fetch Groups - Select this option to fetch Box groups
2. Fetch User Last Login Time - Select this option to fetch the last time the user logged in.

APIs

Axonius uses the Box REST API - List enterprise users.

Required Permissions

The following permissions (App Scopes) are required to fetch users

• Read and write all files and folders stored in Box
  • Manage groups
  • Manage enterprise properties
  • Manage users

The following permissions (App Scopes) are required to fetch SaaS data

• Manage users
• Manage groups
• Manage enterprise properties

Adapter Integration Setup

Create a user account

1. Log into Box as an administrator and navigate to Admin Console > Users & Groups, and then click on the '+ User' button.
2. Uncheck Allow this user to sync files between Box and the user's desktop.
3. Click on the Add User button.
4. Look up for the newly created user, click on its options button, and then click on Change User Settings.
5. Check Exempt this user from maximum allowed devices.
6. Check Exempt this user from 2-step login verification.
7. Check User is granted the following administrative privileges.
8. Clear the following:
   1. Manage users
   2. Manage groups
   3. View users' content
   4. Edit users' content
   5. Log in to users' accounts
   6. Create, edit and delete automations for your company
   7. Create and edit metadata templates for your company
9. Check the following:
   1. View settings and apps for your company
   2. Edit settings and apps for your company
   3. Run new reports and access existing reports
   4. View automations set up for your company
10. Click on the Save button.

Create an application

The values supplied in Client ID and Box Platform private key configuration file refer to the generated Client ID and private key configuration file for your Custom App using JWT authentication:

1. Set up a Custom App - Set up a Custom App using JWT authentication. For details, see Box Guides - Setup with JWT. The following App Scopes are required:

   • Read and write all files and folders stored in Box
   • Manage groups
   • Manage enterprise properties
   • Manage users

2. Click the "Configuration" option from the left sidebar in your application, scroll down to the App Access Level section, and select App + Enterprise Access. This enables your application to access all users and manage enterprise settings, content, and users.
   

3. Create Box Platform private key configuration file - After a Custom App has been created to use JWT authentication, there is an option available in the Developer Console to have Box create a configuration file. This file will include the keypair as well as a number of other application details that are used during authentication.

   1. Click the "Configuration" option from the left sidebar in your application and scroll down to the "Add and Manage Public Keys" section.
      
   2. Click the "Generate a Public/Private Keypair" button to have Box generate a keypair. This triggers the download of a JSON configuration file that you can move to your application code.
   3. Upload this file as the Box Platform private key configuration file.

4. Get Client ID - The Client ID of the application that is requesting to authenticate the user. To get the Client ID for your application:

   1. Log into your Box developer console and click the Edit Application link for the application you're working with.
   2. In the OAuth 2.0 Parameters section of the configuration page, find the item labelled client_id. The text of that item is your application's Client ID.