Box integration

Integrate Identity Security Posture Management (ISPM) with your Box tenant. This integration provides visibility and risk analysis for Box identities and permissions.

Install a custom app

  1. Sign in to the Box environment as an Admin or as a Co-Admin.

  2. In the Box developer console, click Dev Console.

  3. On the My Platform Apps page, click Create Platform App.

  4. Select Custom App.

  5. Enter the following details:

    1. App Name: Enter a name for the app. For example, ISPM Integration

    2. Purpose: Describe the purpose of the app. For example, Integration

    3. Categories: Specify the app's category. For example, Security and compliance

    4. Which external system are you integrating with?: Enter Okta ISPM.

  6. Click Next.

  7. Under Authentication Method, select Server Authentication (Client Credentials Grant).

  8. Click Create App. You are redirected to the app's Configuration page.

  9. On the Configuration page, go to OAuth 2.0 Credentials.

    1. Copy Client ID. Store it securely for later.

    2. Click Fetch Client Secret.

    3. Copy Client Secret. Store it securely for later.

  10. Under App Access Level, select App + Enterprise Access.

  11. In the Application Scopessection, do the following steps:

    1. Clear the selection for Write all files and folders stored in Box.

    2. Select the following scopes:

      • Read all files and folders stored in Box

      • Manage users

      • Manage groups

      • Manage enterprise properties

  12. Click Save Changes.

  13. Go to the Authorization tab.

  14. On the Authorization tab, do the following steps:

    1. Click Review and Submit.

    2. Enter a short description.

    3. Click Submit.

  15. Click Back to My Account.

  16. Go to Admin Console Integrations Platform Apps Manager.

  17. Search for the app that you configured earlier. For example, ISPM Integration

  18. Click View.

  19. Click Authorize and click Authorize again.

Obtain the Enterprise ID

  1. Go to your Box account and click Admin Console.
  2. Open the navigation sidebar, and then click Account & Billing.
  3. Copy the value of the Enterprise ID. The Enterprise ID is in the Account Information section.

Add ISPM IPs to your Trusted IP Range

If your org uses Box Shield, place the following ISPM IP addresses in an allowlist to successfully integrate ISPM and Box:

  • 13.52.68.184
  • 54.193.209.206
  • 13.57.96.208
  • 184.72.14.192

Share the parameters with ISPM

  1. In the Identity Security Posture Management console, go to SettingsSources gallery.

  2. Select Box.
  3. Enter the Enterprise ID that you copied earlier.
  4. Click Submit.