1.0 Box

Complete the following steps to configure Box to allow user provisioning from Access Manager using SAM.

  1. Log in to your Box developer account at https://developer.box.com.

  2. On the My Apps page:

    1. Click Create New App, select Enterprise Integration, then click Next.

    2. Select OAuth 2.0 with JWT (Server Authentication), then click Next.

  3. Give your app a unique name, then click Create app.

  4. Click View Your App and do the following:

    1. Set Application Access to Enterprise.

    2. Verify that Application Scopes includes Manage users and Manage groups.

    3. Click Generate a Public/Private Keypair, then follow the prompts to download the JSON file and securely save it for later use when you configure Access Manager.

      In addition to the private key, this file contains values for the key passphrase, Client ID, Client Secret, Public Key ID, and enterprise ID. These values will be used later when you configure Access Manager.

    4. In the OAuth 2.0 Credentials section of the page, click Copy to save the value of the Client ID to the clipboard. You will use this value in Step 5.d.

    5. Click Save Changes to save the app, then click My Apps in the left navigation bar.

  5. Authorize access for the app created above using the following steps:

    1. In the left navigation bar of the My Apps page, click Admin Console to access your Box admin console.

    2. Navigate to Apps > Custom Apps.

    3. Click Authorize using client ID (the + icon on the top right of the page).

    4. In the App Authorization prompt for Client ID, paste the value of the Client ID that you saved in Step 4.d.

    5. Click Next > Authorize.

    When you have completed the above steps at Box, the downloaded JSON file will contain all values required for configuring the Box application's Account Management settings in Access Manager. You can open the file using a text editor to view the values for enterpriseID, clientID, clientSecret, publicKeyID, privateKey, passphrase, and enterpriseID, which will be used when configuring Access Manager.

  6. The last step before configuring the Access Manager settings is to extract and reformat the private key:

    1. Open the JSON file in a text editor.

    2. Copy the private key to the clipboard, then paste it into a new editor window. The content should look similar to the following:

      -----BEGIN ENCRYPTED PRIVATE KEY-----\nMIIFDjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIWzhaNTHqDx0CAggA\nMBQGCCqGSIb3DQMHBAhBqPeQY/K9JwSCBMiV4Wr9E1e8nUUv/oi4ceA1QkI/tezM\n45CDCycZUSr78hPjqL21tnku6IaSO0rkpGG1HAprBxzV0u0onlNpSusQE8mPS6jn\n8GzHLCvtPAALSr5euDLt+7JQ5NEKxnYX9799rd2/Dma4F4VnfGHzp7Ry1LG2fRey\n0m/X0IGh9TWt0RX+nkMcTUxV/jqlT3IL115Duh7uw/tT73+S2WwIULTw+laLA23k\nR9mlUdhTzqdHN5TrKAKM9Uw/mqnDC9pdaLG+bsNrADv67IK8OsqbmFHprlOjXLQ7\n/hBJ43jlN05bpZ+7d2ntINJQGVNpv9YGS7mSDwejSoJpbHJeE8GqGYR9++VZNv61\nHmhj6WYWw3bGKet/vtP/QyJItRLNyzpBslH5V3XWXlsPqw/p9Fw1/axCL94wnsmQ\nIp7LRbzzf7uwmGZH2rkqXrgH/N7IAxabyBmu/qDjxdQvKcwMwnjGGs2q1HlM48jx\nyf5ZGsjZBbF8t8kcIhDuCZh8ZL3QYaBHqIuCMjleHl0W7vGuR82MX+79MUVMIqGG\n0r0P3ufVbo9rKNhybTqyvDiASE020HFnU+HXDNo0ynuHIEvMxY1Yip6y/w96oNnx\ngcaB85QsfJwdMYLXJrlF78mbsrYJTjNy0nL+Zs2vMfPKkA0V7eeER4x0fDybFsUA\nGq4wqkQ83byjBRTTAwQJK4b1n3T0nsxOHrZq0XKq/mGMcUk+AQUW23v2UrG4H6eE\nnIoTYiU3Gm2t1xytl2zjsiEm2axsqIrvZNUDSfn/Bb6mHt4RN8ajRFwU8mdvQMm1\nwhdML0M1av3CFS4qkqGII/xyzTPz1kvAUDM5PP86+7SfIcCl6UZbE/dDGV0y2vAb\nSwMJXkkInwyFjxzPs4SNiQkW8djKc+K0OKNUs7W1NJHyp274xi/ljJkwIQ18mKH5\nAe9XcZ2NJoEt63gzySdY79G8TJsVKZjHjtW4PV/sV+DBiJO+bBb7OdRQHeaO82fi\n9dQ5y5Eg7SHK+CcWGTE6z4uVn4797Kh3leGBmAz4ZisIqocSTpU+P1/HmvtEowH3\nG0wGLQu7aB/dVRUFDFEDLfYRnjjyQwvYG94pVAjClhYwUbc7BWAYYE4UwZ3bG3NE\nHoQaMfpVShERMifwDjmQ0SA3ffge1Ht97Jbe5VfFtbNyJupu94e694I6lzokj2al\npKp5vGuMQOP4t60yV8zY36167y1HsEKT/S3mcPkFoZ3PP3IFyxlnRsk6LEx2QEq6\nxBQUrpimErKZBKeb9JpuAs1AjqFs/EGzb1PGEGv0aZFMK2H0uRZzxmc0fvGR2N5L\n9q45c/LR3cwQ95V03lUF/hPajP+f7wbysmejEEYKLGc2ySAERguZThauzkrIueNo\nFg/AjVAnwX1zOcxa6u5nBxWRcMG35xV2QvclslbQvZXB7/XAk+oTdlsTdn+hKoCO\nLE0ytOJKP1J9hnJ0QoeCm6QXZ2gUCDpGXuXT6GoKZPsIbVTaS2u8wG2SleDsIbqO\noO8jEa7KZ4SfMJOlQPvoJF9L8aDHX2i408PwHpFxV36/KOhcyM4Jdx3Z7tYNltCB\n5m5XYQCN1Z/GLqECBcIrA1T4r8xvFhYV9xY7F5m2DH8S2QejCdr*************\nc8A=\n-----END ENCRYPTED PRIVATE KEY-----

    3. Replace all new line (\n) characters with Line Feed (LF) characters.

    4. Save the edited key to a separate text file with a .key extension. The file content should look similar to the following:

      -----BEGIN ENCRYPTED PRIVATE KEY-----
MIIFDjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIWzhaNTHqDx0CAggA
MBQGCCqGSIb3DQMHBAhBqPeQY/K9JwSCBMiV4Wr9E1e8nUUv/oi4ceA1QkI/tezM
45CDCycZUSr78hPjqL21tnku6IaSO0rkpGG1HAprBxzV0u0onlNpSusQE8mPS6jn
8GzHLCvtPAALSr5euDLt+7JQ5NEKxnYX9799rd2/Dma4F4VnfGHzp7Ry1LG2fRey
0m/X0IGh9TWt0RX+nkMcTUxV/jqlT3IL115Duh7uw/tT73+S2WwIULTw+laLA23k
R9mlUdhTzqdHN5TrKAKM9Uw/mqnDC9pdaLG+bsNrADv67IK8OsqbmFHprlOjXLQ7
/hBJ43jlN05bpZ+7d2ntINJQGVNpv9YGS7mSDwejSoJpbHJeE8GqGYR9++VZNv61
Hmhj6WYWw3bGKet/vtP/QyJItRLNyzpBslH5V3XWXlsPqw/p9Fw1/axCL94wnsmQ
Ip7LRbzzf7uwmGZH2rkqXrgH/N7IAxabyBmu/qDjxdQvKcwMwnjGGs2q1HlM48jx
yf5ZGsjZBbF8t8kcIhDuCZh8ZL3QYaBHqIuCMjleHl0W7vGuR82MX+79MUVMIqGG
0r0P3ufVbo9rKNhybTqyvDiASE020HFnU+HXDNo0ynuHIEvMxY1Yip6y/w96oNnx
gcaB85QsfJwdMYLXJrlF78mbsrYJTjNy0nL+Zs2vMfPKkA0V7eeER4x0fDybFsUA
Gq4wqkQ83byjBRTTAwQJK4b1n3T0nsxOHrZq0XKq/mGMcUk+AQUW23v2UrG4H6eE
nIoTYiU3Gm2t1xytl2zjsiEm2axsqIrvZNUDSfn/Bb6mHt4RN8ajRFwU8mdvQMm1
whdML0M1av3CFS4qkqGII/xyzTPz1kvAUDM5PP86+7SfIcCl6UZbE/dDGV0y2vAb
SwMJXkkInwyFjxzPs4SNiQkW8djKc+K0OKNUs7W1NJHyp274xi/ljJkwIQ18mKH5
Ae9XcZ2NJoEt63gzySdY79G8TJsVKZjHjtW4PV/sV+DBiJO+bBb7OdRQHeaO82fi
9dQ5y5Eg7SHK+CcWGTE6z4uVn4797Kh3leGBmAz4ZisIqocSTpU+P1/HmvtEowH3
G0wGLQu7aB/dVRUFDFEDLfYRnjjyQwvYG94pVAjClhYwUbc7BWAYYE4UwZ3bG3NE
HoQaMfpVShERMifwDjmQ0SA3ffge1Ht97Jbe5VfFtbNyJupu94e694I6lzokj2al
pKp5vGuMQOP4t60yV8zY36167y1HsEKT/S3mcPkFoZ3PP3IFyxlnRsk6LEx2QEq6
xBQUrpimErKZBKeb9JpuAs1AjqFs/EGzb1PGEGv0aZFMK2H0uRZzxmc0fvGR2N5L
9q45c/LR3cwQ95V03lUF/hPajP+f7wbysmejEEYKLGc2ySAERguZThauzkrIueNo
Fg/AjVAnwX1zOcxa6u5nBxWRcMG35xV2QvclslbQvZXB7/XAk+oTdlsTdn+hKoCO
LE0ytOJKP1J9hnJ0QoeCm6QXZ2gUCDpGXuXT6GoKZPsIbVTaS2u8wG2SleDsIbqO
oO8jEa7KZ4SfMJOlQPvoJF9L8aDHX2i408PwHpFxV36/KOhcyM4Jdx3Z7tYNltCB
5m5XYQCN1Z/GLqECBcIrA1T4r8xvFhYV9xY7F5m2DH8S2QejCdr5************
c8A=
-----END ENCRYPTED PRIVATE KEY-----

      This will be the file used for the Private Key setting when configuring Access Manager.

You are now ready to complete the application settings in Access Manager.