Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 10 Next »



On This Page


Overview

When you create a Box App in the Box Dev Console, a Box service account is automatically created to represent the application. This page explains how to prepare the account to integrate with the DryvIQ platform.

Enable Two-Factor Authentication

You will need to have a Box account with two-factor verification enabled in order to create the Box App. The instructions below explain how to set up two factor authentication using an authenticator application since this is the recommended method. If you prefer to use SMS text message or email for as the two-step verification method, refer to the instructions available through Box Support for how to set up these methods of multi-factor authentication for your account. If your account already has two-factor verification enabled, you can skip this section. Otherwise, follow the steps below.

You will need to have an authenticator application installed on the mobile device you will be using for for the two-step verification before you begin this process.

  1. Log into https://app.box.com.

  2. Click your user icon in the upper-right and select Account Settings.

    Accout Settings.png

  3. On the Account Tab, scroll to the 2-Step Verification and click Set up.

    2-step Verification.png

  4. Verify Authenticator App is selected and click Next.

    Auth App.png

  5. Box will display a QR code. Scan it with the authenticator application you are using to generate a six-digit authentication code. Enter the code and click submit.

    QR Code and Authentication Code.png

  6. Enter the mobile phone number that will be used for account recovery and click Submit.

    5 Recovery Phone.png

  7. Box generates three account recover codes that can be used to access your account in the event you lose your device. You should keep copies of these somewhere safe. Click Close to continue.

  8. The “Authenticator App” will display as “Enabled.”

    2-Factor Enabled.png

Create a Box app from the Box Dev Console

To create your Box app, do the following:

  1. Log in to the Dev Console for your Box account.

  2. Click Create New App.

  3. Click Custom App.

    Custom App.png

  4. Enter a name and description for your App.

    Create Custom app 1 of 2 App Name and Desc.png

  5. Specify the Purpose and click Next.

    Create Custom app 1 of 2 Next2.png

  6. On the Authentication Method screen, select Server Authentication with JWT (Server Authentication) and click Create App.

    Create Custom App 2 of 2.png

  7. You will be taken to the Configuration page for your new app.

  8. Scroll to the OAuth 2.0 Credentials section and find your Client ID. You will use this Client ID to authorize your app on the Admin Console. Click COPY next to the Client ID to copy it to your clipboard.

    Client ID.png

  9. Scroll to the App Access Level section and select App + Enterprise Access.

    App Enterprise Access.png

  10. Scroll to the Advanced Features section and select the Make API calls using the as-user header and Generate user tokens boxes.

    Advanced Featured.png

  11. Scroll to the Add and Manage Public Keys section and click Generate a Public/Private Keypair. This downloads a file that contains the information needed to create the Box connector in the DryvIQ Platform. Save the keypair file ({public key}_config.json) locally for future reference. This file is not be saved in Box, so it is important you save this file somewhere where you can access it when you need to create your connection in the DryvIQ Platform.

    Generate Keypair.png

  12. Click OK to close the file download screen.

  13. Click Save Changes in the upper-right side of the page.

Alternate Options

Box requires two-factor authentication to generate a public/private keypair, but two-factor authentication is not applicable when single sign-on is enabled on Box. In this scenario, you can use one of the following alternative methods to generate the public/private keypair.

Alternate 1: Add another account that has two-factor authentication enabled as a collaborator to the app.

  1. In the Developers Console, select the app.

  2. Scroll down to the Collaborators sections and click Add New Collaborator.

  3. Enter the email address for the account that has two-factor authentication setup and click Add.

  4. Log into Box as the collaborator

  5. Go to the Developers Console and select the app.

  6. Select the Configuration tab.

  7. Scroll down to the Add and Manage Public Keys section and click Generate a Public/Private Keypair.

Alternate 2: Generate Keypair Manually. This option requires OpenSSL or Cygwin package.

Authorize the Box app from the Box Admin Console

Perform the following steps to authorize your Box app:

  1. Access the Admin Console for your Box account.

  2. Click Apps from the left menu.

    Apps.png

  3. Select Custom Apps Manager and then click Add App.

    Custom App Add App.png

  4. Enter the Client ID for the app and click Next. (This was the Client ID you copied in step 8 in the previous section.)

    Paste Client ID.png

  5. Confirm that the Application Access is “All Users” and click Authorize.

    4 All Users.png

  6. Confirm that the app you added is listed in the Custom Apps Manager. The Authorization Status should indicate Authorized.

    Custom Apps Manager.png

  7. To review the app configuration, hover on the app in the table and click the View button that displays.

    View.png

  8. Confirm App Access is set to All Users.

    View Details.png


    If App Access is not set to All Users, one of the settings is not correct. You you must return to the Dev Console and edit the following settings for the app:

    1. Set App Access Level to App +Enterprise.

    2. Under Advanced Features, select Make API calls using the as-user header and Generate User Access Tokens.

    3. Click Save Changes in the upper-right side of the page.

    4. Return to the Box Admin Console and go back to the Custom Apps Manager page.

    5. Click the next to the View button for the app.

      More Menu.png

    6. Click Reauthorize App in the menu that displays.

      Reauthorize app.png

    7. Confirm the Application Access column now shows All Users and click Reauthorize.

      Final Reauthorize.png

Grant Access for the Application in Your Enterprise

The App Key is the Client ID. It can be found in the Developers Console on the application’s Configuration tab. Additional information can be found in Box’s Custom App Approval documentation.

Parameters to Configure a Box Service Account with a DryvIQ Connection

Field Name

Field Variable

Status

Notes

Client ID 

clientID

Required

From your Box Developers Console or can be found in boxAppSettings section of {{public key}}_config.json 

Client Secret 

clientSecret

Required

From your Box Developers Console or can be found in boxAppSettings section of {{public key}}_config.json 

Public Key ID 

publicKeyID

Required

From your manually generated key pair or in boxAppSettings section of {{public key}}_config.json 

Private Key 

privateKey

Required

From your manually generated key pair or in boxAppSettings section of {{public key}}_config.json 

When you download the {{public key}}_config.json, the private key is displayed in the privatekey element. It looks something like this: 

"privateKey": "-----BEGIN ENCRYPTED PRIVATE KEY-----\xYZXYZxYZXyzxyzx.....................A0b0CAB0cAbCaBcabcabCA+B\noi0=\n-----END ENCRYPTED PRIVATE KEY-----\n",

You only need to add the values between the quotation marks. In the above example, you would add the following as the private key:

-----BEGIN ENCRYPTED PRIVATE KEY-----\xYZXYZxYZXyzxyzx.....................A0b0CAB0cAbCaBcabcabCA+B\noi0=\n-----END ENCRYPTED PRIVATE KEY-----\n

Enterprise ID 

enterpriseID

Required when an Account ID is not used

From your Box Developers Console or can be found in boxAppSettings section of {{public key}}_config.json 

The Enterprise ID will list content for all users on your connection root

Note: Cannot be combined with Account ID; options are mutually exclusive

Account ID

user_id

Required when an Enterprise ID is not used

The Account ID will impersonate a single account

Note: Cannot be combined with Enterprise ID; options are mutually exclusive

Password

passphrase

Required

From your manually generated key pair or in boxAppSettings section of {{public key}}_config.json 

Note: Auto-generated by Box when created via the download key pair from your Box Developers Console

Related

Box Service Account

  • No labels