The following sections explain the required information, settings, and apps needed in your Box account before you can start using the Connector.

Box Enterprise ID

Your enterprise ID is available in several places throughout Box. You can easily find it within the Admin Console > Account & Billing page.

Custom Subdomain

You must configure your box account to use a custom subdomain. This enables the Gimmal Box Connector to uniquely identify requests to/from your Box account back to your Gimmal Box Connector subscription.

  • Sign in to your Box Account

  • Access your admin console

  • Navigate to the Custom Setup tab

  • Under the Custom Subdomain section, ensure you have entered a value and click Save

Box App

You are required to create a Box App in order for the connector to communicate with your Box account.  You may either create a Box User App or Box Server-to-Server App.

Box User App

This is a Standard OAuth 2.0 app in Box. For more details, please see the Box documentation for an OAuth Application Setup. This app allows you to manage the connector through a web browser.

  1. Create a new, or choose an existing, Box app that uses the Standard OAuth 2.0 authentication method.

  2. Configure the app:

    1. Redirect URI - Enter one of the following options:

      1. SaaS-TEST uses https://test-conn-box.recordlion.net

      2. SaaS-PRODUCTION uses https://app-conn-box.recordlion.net

      3. For an on-premise install use your local Gimmal Box web application.

    2. Application Scopes - Select all of the following:

      1. Read all files and folders stored in Box

      2. Read and write all files and folders stored in Box

      3. If your organization is using Box Governance, also select Manage Retention Policies
    3. CORS Domains - Enter one of the following options. It should match the redirect URI you selected above for TEST or PRODUCTION:

      1. SaaS-TEST uses https://test-conn-box.recordlion.net

      2. SaaS-PRODUCTION uses https://app-conn-box.recordlion.net

      3. For an on-premise install use your local Gimmal Box web application.

    4. Click Save Changes

Box Server-to-Server App

This is an OAuth 2.0 with JWT app in Box. For more details, please see the Box documentation for a JWT Application Setup. This app enables the connector to communicate with your Box account as a background service without any user interaction.

  1. Create a new, or choose an existing, Box app that uses the OAuth 2.0 with JWT authentication method.

  2. Configure the app:

    1. Application Access is Enterprise

    2. Application Scopes - Select all of the following:

      1. Read all files and folders stored in Box

      2. Read and write all files and folders stored in Box

      3. Manage users

      4. Manage enterprise properties

      5. If your organization is using Box Governance, also select Manage Retention Policies
    3. Advanced Features:

      1. Perform Actions as Users is enabled

      2. Generate User Access Tokens is enabled

  3. Generate a Public/Private Keypair by following the instructions in the Box documentation.

  4. CORS Domains is one of the following options. It should match the redirect URI you configured in the Standard OAuth 2.0 app previously.

    1. SaaS-TEST uses https://test-conn.box.recordlion.net

    2. SaaS-PRODUCTION uses https://app-conn-box.recordlion.net

    3. For an on-premise install use your local Gimmal Box web application.

  5. Click Save Changes

  6. Follow the steps in the Box documentation for Granting Access for the Application in Your Enterprise.