Connect Box

This page describes how to connect Box to Agentspace Enterprise. The connector supports both data ingestion and federated search. See the section for the approach you plan to use:

Connect Box (data ingestion)

Use the following procedure to sync data from Box to Agentspace Enterprise.

After you set up your data source and import data the first time, the data store syncs data from that source at a frequency that you select during setup.

Before you begin

Before setting up your connection:

  1. You must have administrator access to the Box instance with 2FA enabled. All the set up instructions can only be performed from the administrator account.

  2. Set up access control for your data source. For information about setting up access control, see Use data source access control.

  3. Read Setup with JWT in the Box documentation for an overview of the setup with screenshots.

Create a Box app

  1. Sign in to the Box Developer Console with your administrator account.
  2. Click Create platform app.
  3. Select App type as Custom app.
  4. Enter the App name.
  5. Set the following properties:
    1. Purpose: Integration
    2. Categories: AI
    3. External system: Google Cloud Agentspace Enterprise
  6. Select Authentication method as Server authentication (with JWT).
  7. Click Create app.

Configure the Box app

  1. In the Box Developer Console, choose the Platform app and then go to the Configuration tab.
  2. In the App access level section, select App + Enterprise access.

  3. In the Application scopes section, select the following scopes:

    1. Read all files and folders stored in Box
    2. Write all files and folders stored in Box
    3. Manage users
    4. Manage groups
    5. Manage enterprise properties

  4. In the Advanced features section, select Make API calls using the as-user header.

  5. In the Add and manage public keys section, click Generate a public/private keypair.

    1. The public key is automatically uploaded to the console with an ID. This ID is used when creating a connection.
    2. You can download a configuration file with the private key and passphrase. Make sure to keep this file for later use.
    3. Optionally, to generate your own key, see the Box keypair setup guide.

  6. Click Save changes.

Authorize the Box app

  1. In the Box Developer Console, choose the Platform app and then go to the Authorization tab.
  2. Click Review and submit.
  3. In the Review app authorization submission dialog, click Submit.
  4. Sign in to the Box admin platform apps manager with your administrator account.
  5. Choose the Platform app that you have configured.
  6. Click the three dots (...) in the corresponding row.
  7. Select Authorize app from the drop-down list.
  8. In the Authorize app dialog, click Authorize to complete the authorization process.

Have the following Box authentication information ready:

  • Enterprise ID: Obtain it from the General settings tab.
  • Client ID and Client secret: Obtain it from the Configuration tab under OAuth 2.0 credentials.
  • Private key, Key ID, and Passphrase: These parameters were already generated and downloaded to a local file from the Configuration tab under Add and manage public keys while configuring the app.

Create a Box connector

Console

To use the Google Cloud console to sync data from Box to Agentspace Enterprise, follow these steps:

  1. In the Google Cloud console, go to the Agentspace Enterprise page.

    Agentspace Enterprise

  2. In the navigation menu, click Data stores.

  3. Click Create data store.

  4. On the Select a data source page, scroll or search for Box to connect your third-party source.

  5. Enter your authentication information.

  6. Select which entities to sync and click Continue.

  7. Select a region for your data store.

  8. Enter a name for your data store.

  9. Select a synchronization frequency for your data store.

  10. Click Create. Agentspace Enterprise creates your data store and displays your data stores on the Data stores page.

  11. To check the status of your ingestion, go to the Data stores page and click your data store name to see details about it on its Data page. The Connector state changes from Creating to Running when it starts synchronizing data. When ingestion is complete, the state changes to Active to indicate that the connection to your data source is set up and awaiting the next scheduled synchronization.

    Depending on the size of your data, ingestion can take minutes or hours.

Next steps

Use the following procedure to search through your Box account using federated search.

You can use federated search connectors to send your queries to third-party search APIs instead of ingesting and indexing all data into Agentspace Enterprise. Using this approach, you can access external data sources immediately, without waiting for ingestion.

However, this approach might not be suitable in all scenarios. While federated search is quick to set up, it has the following limitations:

  • Compared to indexed data, federated search may deliver lower-quality results.
  • Federated search may introduce higher latency, because it depends on the third-party search API.
  • Not all connectors support federated search.

Before you begin

Register Agentspace Enterprise as an OAuth 2.0 application in Box. Make sure you have the following credentials:

  • Client ID
  • Client secret

Create a federated search connector with Box

Console

Use the following steps for Google Cloud console to perform federated search through Box from Agentspace Enterprise.

  1. In the Google Cloud console, go to the Agentspace page.

    Agentspace

  2. In the navigation menu, click Data stores.

  3. Click Create data store.

  4. On the Select a data source page, scroll or search for Box Federated to connect your third-party source.

    create-data-store
    Search for Box Federated

  5. Under Authentication settings:

    1. Enter the Client ID and Client secret.
    2. Click Authenticate.

    3. Click Continue.

      enter-auth-info
      Enter the authentication information

  6. Select a region for your data source.

  7. Enter a name for your data source.

    select-region-enter-name
    Configure your data connector

  8. Click Create. Agentspace Enterprise creates your data store and displays your data stores on the Data stores page.

Once the data store is created, go to the Data stores page and click your data store name to see the status. If the Connector state changes from Creating to Active, the federated search connector is ready to be used.

User authorization

After creating a federated search data store, you can see it listed as one of the data sources in your source management panel. If you haven't previously authorized Agentspace Enterprise, then you can't select the data source. Instead, an Authorize button appears next to it.

To initiate the authorization flow:

  1. Click Authorize. You are redirected to the Box authorization server.

    click-authorize
    Click Authorize

  2. Sign in to your Box account.

  3. Click Grant access. After granting access, you are redirected back to Agentspace Enterprise to complete the authorization flow.

    Agentspace Enterprise obtains the access_token, and uses it to access the 3P search.

Query execution

When you enter a search query:

  • If Box federated search is authorized, Agentspace Enterprise sends the query to the Box API.
  • Agentspace Enterprise blends the results with those from other sources and displays them.

Data handling

When using third-party federated search, your query string is sent to the third-party search backend. These third parties may associate queries with your identity. If multiple federated search data sources are enabled, the query may be sent to all of them.

Once the data reaches the third-party system, it is governed by that system's Terms of Service and privacy policies (not by Google Cloud's terms).