Log in as an administrator to the CloudAccess administration console:

https://appliance_dns_name/appliance/index.html

Drag and drop the connector for Box from the Applications palette to the Applications panel.

The Configuration window opens automatically for the initial configuration. To view or reconfigure the settings later, click the connector icon, then click Configure.

On the Configuration page, specify the configuration properties.

The signing certificate from Box is optional.

Under Assertion Attribute Mappings, map the SAML Assertion attributes to the appropriate attributes in your identity source.

Expand the Federation Instructions, then copy and paste the instructions into a text file to use during the Box configuration for single sign-on.

Click the Appmarks tab, then review and edit the default settings for the appmark.

For more information, see Section 2.5, Configuring Appmarks for Connectors.

Click OK to save the configuration.

On the Admin page, click Apply to commit the changes to the appliance.

Wait until the configuration changes have been applied on each node of the CloudAccess cluster.

Contact your Box account representative and provide the information they need to configure the SAML 2.0 federation for CloudAccess.

Use the information from the Federation Instructions in Step 5 to complete the setup.

Click Policy in the toolbar, then perform policy mapping to specify entitlements for identity source roles (groups).

For more information, see Mapping Authorizations in the NetIQ® CloudAccess and MobileAccess Installation and Configuration Guide.

After you complete the configuration, users can log in through CloudAccess to single sign-on to the Box system. The CloudAccess login page URL is:

https://appliance_dns_name