Box configuration

This page describes how to set up and configure a third-party configuration before creating the Box data store.

Create a Box app

  1. Sign in to the Box Developer Console with your administrator account.
  2. Click Create platform app.
  3. Select App type as Custom app.
  4. Enter the App name.

  5. Set the following properties:

    • Purpose: Integration.
    • Categories: AI.
    • External system: Google Cloud Gemini Enterprise.

  6. Select Authentication method as Server authentication (with JWT).

    Select Server authentication (with JWT)
    Select Server authentication (with JWT).

  7. Click Create app.

Configure the Box app

  1. In the Box Developer Console, choose the Platform app, and then go to the Configuration tab.

  2. In the App access level section, select App + Enterprise access.

  3. In the Application scopes section, select scopes as per your requirement from the following table:

    Connection mode Scope Purpose
    Federated search Read all files and folders stored in Box Required to fetch comments and tasks, and to preview files for search.
    Data ingestion Read all files and folders stored in Box Required for data ingestion.
    Manage users Required to fetch the list of users, enabling retrieval of files, comments, and tasks from individual user accounts for ingestion. The administrator service account does not inherently possess access to all user-owned files. The as-user header enables the system to make API requests as the specific user to access their data.
    Manage enterprise properties Necessary for incremental sync functionality, as it facilitates the use of the Enterprise event stream to track changes for ingestion.
    Manage groups Required to fetch the list of groups and their members. This is critical for access control during ingestion.

    Configure the Box app
    Configure the Box app.

  4. In the Add and manage public keys section, click Generate a public/private keypair.

    • The public key is automatically uploaded to the console with an ID, used when creating a connection.
    • You can download a configuration file with the private key and passphrase. Be sure to keep this file for later use.

    • Optionally, to generate your own key, see the Box keypair setup guide.

      Add and manage public keys
      Manage the keys.

  5. Click Save changes.

Authorize the Box app

  1. In the Box Developer Console, choose the Platform app, and then go to the Authorization tab.
  2. Click Review and submit.

  3. In the Review app authorization submission dialog, click Submit.

    Authorize the Box app
    Authorize the Box app.

    If the authorization request is submitted successfully, the following confirmation message is shown:

    Authorization request is successfully sent
    Authorization request is successfully sent.

  4. Sign in to the Box admin platform apps manager with your administrator account.

  5. Choose the Platform app that you have configured.

  6. Click the three dots (...) in the corresponding row.

  7. Select Authorize app from the drop-down list.

  8. In the Authorize app dialog, click Authorize to complete the authorization process.

    Click authorize button in the authorize app dialog
    Click Authorize.

Obtain Box authentication information

Have the following Box authentication information ready:

  • Enterprise ID: Obtain it from the General settings tab.

    obtain the enterprise id
    Obtain the Enterprise ID.

  • Client ID and Client secret: Obtain it from the Configuration tab under OAuth 2.0 credentials.

    obtain the client config
    Obtain the client configuration.

  • Private key, Key ID, and Passphrase: These parameters were already generated and downloaded to a local file from the Configuration tab under Add and manage public keys while configuring the app.

    add and manage public keys
    Add and manage public keys.