On this Page

This account is used by the Snaps in the Box Snap Pack.

You can create an account from Designer or Manager. In Designer, when working on pipelines, every Snap that needs an account prompts you to create a new account or use an existing account. The accounts can be created in or used from:

  • Your private project folder: This folder contains the pipelines that will use the account.
  • Your Project Space’s shared folder: This folder is accessible to all the users that belong to the Project Space.
  • The global shared folder: This folder is accessible to all the users within an organization in the SnapLogic instance.


Account Configuration

In Manager, you can navigate to the required folder and create an account in it (see Accounts). To create an account for Box: 

  1. Click Create, then select Box > Box.com account.
  2. Supply an account label.
  3. Click the Authorize bar. You will be asked to login into a Box account. Login with user credentials and after successful log in, you will be asked to grant permissions. You must grant permissions to make a connection.
  4. (Optional) Supply additional information on this account in the Notes field of the Info tab.
  5. Click Apply.

Avoid changing account credentials while pipelines using them are in progress. This may lead to unexpected results, including locking the account.


You need to use a Box Enterprise account.


Account Types

Box.com Account


Label


Required. User provided label for the account instance

Access token


Required. The access token for the application. The retrieval of the access token is done when setting up the account for the endpoint. There, the OAuth2 flow will be executed and the resulting access token will be stored in this property. The access token might be refreshable, in that case an optional refresh token can be stored. The user must get a new access token if the access token has expired and no refresh token was defined or both the access and the refresh token have expired.

Refresh token

The refresh token for the application. The retrieval of the refresh token is done when setting up the account for the endpoint. There, the OAuth2 flow will be executed and the resulting refresh token can be stored in this property. If the refresh token is stored, then the access token can be refreshed automatically before it expires.

Access token expiration

The access token expiration value.

Per Box, access token must expire under 60 minutes.


OAuth2 Endpoint


Required. Authorization endpoint to authorize the application.

Default value: "https://app.box.com/api/oauth2/authorize"

Recommended value as per Box: "https://account.box.com/api/oauth2/authorize"

OAuth2 Token


Required. Token endpoint to get the access token.

Default value: "https://app.box.com/api/oauth2/token"

Recommended value as per Box: "https://api.box.com/oauth2/token"

Auth endpoint configProvides custom properties for the OAuth2 auth endpoint.
RefreshRefresh access token. Available after the account has been saved.
Auto-refresh tokenRefreshes the token automatically using the refresh token if the property is enabled. Otherwise the token might expire and will not be automatically refreshed.
AuthorizeStarts the OAuth authorization flow. Account will be saved before authorize. 


Box Service Account

A service account enables multiple users to use the same account for performing operations in Box. You can use this account type to connect to a Box application that has OAuth2 with JWT Token authentication. 

Create a service account application in Box because all the parameters required to configure this account type are generated in the Box admin console. See JWT Application Setup for details.

See the App Settings JSON file for the account parameters. Alternatively, perform the following steps to get the parameters from the Box developer console:

  1. Log in to your Box developer console.
  2. Navigate to the Box service account app you are working with, and click Edit Application
  3. Go to the OAuth 2 Parameters section of the configuration page.
    The parameters appear against their corresponding fields.


Label

Required. User provided label for the account instance.

Default value: N/A

Client ID

Required.  The client ID of the application requesting authentication. 

Example: plb5ltfzq9bz7micz6x6p5zfnycw98e3

Default value: N/A

Client secret

RequiredThe client secret of the application requesting authentication. 

Example: PCQNt3d6xym9JiiVGRqDpNcFryxKhfun

Default value: N/A

Public key ID

Required. The public key ID of the application. 

Example: hs2c02ko

Default value: N/A

Private key

Required. The encrypted private key.

Example:  

-----BEGIN ENCRYPTED PRIVATE KEY-----\n

MkiG9RefG12qasOn\nMBQGCCqGSIb3DQMHBAj/xheVHRkNNgSC BMhL9TFI/pX0EVwkT44QyEOI9DuXIIlsg\nwqYR58DkP7ItCfZdFHq8 3pCwLjlvuRYsYGsb2F24OsLjCna0HsnpCbe4rvpedj7QE/aO\nN0xn8 p\nYnhxUWQzXy7ZnzYPn1wmtcaYwx+Ialn2tukqZCEpqrFf8guOjvBl aPHcMGwYJab0\n26k=\n

-----END ENCRYPTED PRIVATE KEY-----\n

Default value: N/A

Private key passphrase

Required. The private key passphrase associated with the encrypted private key. 

Example: 176183e88324823d2318b74a1f376486

Default value: N/A

Enterprise ID

Required. The enterprise ID associated with the Box application. 

Example: 13684983

Default value: N/A


Account Encryption


Standard Encryption

If you are using Standard Encryption, the High sensitivity settings from the table under Enhanced Encryption are followed.


Enhanced Encryption

If you have the Enhanced Account Encryption feature, the following describes which fields are encrypted for each sensitivity level selected per each account.

  • High:
  • Medium + High:
  • Low + Medium + High: Access token, Refresh token