Box configuration

This page describes how to set up and configure a third-party configuration before creating the Box data store.

Create a Box app

1. Sign in to the Box Developer Console with your administrator account.
2. Click Create platform app.
3. Select App type as Custom app.
4. Enter the App name.

5. Set the following properties:

   • Purpose: Integration.
   • Categories: AI.
   • External system: Google Cloud Gemini Enterprise.

6. Select Authentication method as Server Auth - JWT.

7. Click Create App.

Configure the Box app

1. In the Box Developer Console, select the Platform app from the My Platform Apps page.

   

2. In the Configuration tab, do the following:

   1. In the App access level section, select App + Enterprise access.

      

   2. In the Application scopes section, select the scopes based on the connection mode from the following table:

      Connection mode	Scope	Purpose
      Federated search	Read all files and folders stored in Box	Required to fetch comments and tasks, and to preview files for search.
      Federated search and actions	Write all files and folders stored in Box	Required to copy the files and also to fetch comments and tasks, and to preview files for search.
      Data ingestion	Read all files and folders stored in Box	Required for data ingestion.
      	Manage users	Required to fetch the list of users, enabling retrieval of files, comments, and tasks from individual user accounts for ingestion. The administrator service account does not inherently possess access to all user-owned files. The as-user header enables the system to make API requests as the specific user to access their data.
      	Manage enterprise properties	Necessary for incremental sync functionality, as it facilitates the use of the Enterprise event stream to track changes for ingestion.
      	Manage groups	Required to fetch the list of groups and their members. This is critical for access control during ingestion.

3. In the Add and manage public keys section, click Generate a public/private keypair.

   • The public key is automatically uploaded to the console with an ID, used when creating a connection.
   • You can download a configuration file with the private key and passphrase. Be sure to keep this file for later use.
   • Optionally, to generate your own key, see the Box keypair setup guide.

4. Click Save changes.

Authorize the Box app

To authorize the Box app from the Developer console, do the following:

1. In the Box Developer Console, select the Platform app, and then go to the Authorization tab.
2. Click Review and submit.

3. In the Review app authorization submission dialog, click Submit.

   If the authorization request is submitted successfully, the following confirmation message is shown:

   

To authorize the Box app from the Box admin platform apps manager, do the following:

1. Sign in to the Box admin platform apps manager with your administrator account.
2. Choose the Platform app that you have configured.
3. Click the three dots (...) in the corresponding row.
4. Select Authorize app from the drop-down list.
5. In the Authorize app dialog, click Authorize to complete the authorization process.

Obtain Box authentication information

To obtain the Box authentication information, do the following:

1. In the Box Developer Console, select the Platform app from the My Platform Apps page.

• Enterprise ID: Obtain it from the General settings tab.

  

• Client ID and Client secret: Obtain it from the Configuration tab under OAuth 2.0 credentials.

  

• Private key, Key ID, and Passphrase: These parameters were generated and downloaded to a local file from the Configuration tab under Add and manage public keys while configuring the app.