Box configuration

This page describes how to set up and configure a third-party configuration before creating the Box data store.

Create a Box app

1. Sign in to the Box Developer Console with your administrator account.
2. Click Create platform app.
3. Select App typeas Custom app.
4. Enter the App name.

5. Set the following properties:

   • Purpose:Integration.
   • Categories:AI.
   • External system:Google Cloud Gemini Enterprise.

6. Select Authentication methodas Server Auth - JWT.

7. Click Create App.

Configure the Box app

1. In the Box Developer Console , select the Platform app from the My Platform Appspage.

   

2. In the Configurationtab, do the following:

   1. In the App access levelsection, select App + Enterprise access.

      

   2. In the Application scopessection, select the scopes based on the connection mode from the following table:

      Connection mode

      Scope

      Purpose

      Federated search

      Read all files and folders stored in Box

      Required to fetch comments and tasks, and to preview files for search.

      Federated search and actions

      Write all files and folders stored in Box

      Required to copy the files and also to fetch comments and tasks, and to preview files for search.

      Data ingestion

      Read all files and folders stored in Box

      Required for data ingestion.

      Manage users

      Required to fetch the list of users, enabling retrieval of files, comments, and tasks from individual user accounts for ingestion. The administrator service account does not inherently possess access to all user-owned files. The as-user header enables the system to make API requests as the specific user to access their data.

      Manage enterprise properties

      Necessary for incremental sync functionality, as it facilitates the use of the Enterprise event stream to track changes for ingestion.

      Manage groups

      Required to fetch the list of groups and their members. This is critical for access control during ingestion.

3. In the Add and manage public keyssection, click Generate a public/private keypair.

   • The public keyis automatically uploaded to the console with an ID, used when creating a connection.
   • You can download a configuration file with the private key and passphrase. Be sure to keep this file for later use.
   • Optionally, to generate your own key, see the Box keypair setup guide .

4. Click Save changes.

Authorize the Box app

To authorize the Box app from the Developer console, do the following:

1. In the Box Developer Console , select the Platform app, and then go to the Authorizationtab.
2. Click Review and submit.

3. In the Review app authorization submissiondialog, click Submit.

   If the authorization request is submitted successfully, the following confirmation message is shown:

   

To authorize the Box app from the Box admin platform apps manager, do the following:

1. Sign in to the Box admin platform apps manager with your administrator account.
2. Choose the Platform appthat you have configured.
3. Click the three dots ( ...) in the corresponding row.
4. Select Authorize appfrom the drop-down list.
5. In the Authorize appdialog, click Authorizeto complete the authorization process.

Obtain Box authentication information

To obtain the Box authentication information, do the following:

1. In the Box Developer Console , select the Platform app from the My Platform Appspage.

• Enterprise ID: Obtain it from the General settingstab.

  

• Client IDand Client secret: Obtain it from the Configurationtab under OAuth 2.0 credentials.

  

• Private key, Key ID, and Passphrase: These parameters were generated and downloaded to a local file from the Configurationtab under Add and manage public keyswhile configuring the app.