Versions Compared
Key
- This line was added.
- This line was removed.
- Formatting was changed.
Insert excerpt | ||||||
---|---|---|---|---|---|---|
|
EmpowerID Box connector allows organizations to bring the user and group data in their Box system to EmpowerID, where it can be managed and synchronized with data in any connected back-end user directories. Once connected, you can manage this data from EmpowerID in the following ways:
Account Management
Inventory Box user accounts
Create, Update and Delete Box user accounts
Enable and Disable Box user accounts
Group Management
Inventory Box groups
Inventory Box group memberships
Create and Delete Box groups
Add and Remove members to and from Box groups
Attribute Flow
Users in Box are inventoried as accounts in EmpowerID. The below table shows the attribute mappings of Box user attributes to EmpowerID Person attributes.
Box Attribute | Box Table | Corresponding EmpowerID Attribute | Description |
---|---|---|---|
Name | User | Name | Name of the user |
FirstName | User | FirstName | First name of the user |
DisplayName | User | FriendlyName | Display Name of the user |
Login | User | Login | Login of the user |
Status | User | Active | Specifies whether the user is active |
CompanyName | User | Company | Company name of the user |
Description | User | Description | Description of the user |
Language | User | PreferredLanguage | Language of the user |
Job_Title | User | Title | Title of the user |
Phone | User | Telephone | Phone number of the user |
Additionally, EmpowerID provides Provisioning policies or Resource Entitlements that allow you to automatically provision Box accounts for any person within your organization based on your policy requirements.
Info |
---|
In order to connect EmpowerID to Box, the following prerequisites need to be met:
|
Step 1 – Register EmpowerID as an application in Box
To register EmpowerID as an application in box, follow the below steps:
Click Dev Console and then click Create New App.
Image RemovedSelect Enterprise Integration and click Next.
Image RemovedImage AddedSelect the app type as Custom App as shown in the image below
Image AddedOn the Authentication Method page, selectOAuth 2.0 Server Authentication with JWT (Server Authentication) and then click Next.
Image RemovedName the app and then click Create App.
Image Removedand type the name of the app.
Image AddedThen click on Create App button. This will take you to the new app configuration page as shown in the image below. Box creates the app and generates the developer token.
Image RemovedClick View Your App.
This directs you to the Configuration page.
Image RemovedUnder Application Access, select Enterprise.
Image RemovedUnder Application Scopes, select the options shown below.
Image Removed- Under Advanced Features, select Perform Action as Users and Generate User Access Tokens.Image Added
Scroll down the configuration page and under “App Access Level” select “Enterprise”
Image AddedScroll down a bit more on configuration page and under “Application scopes” select the options as shown in the image below:
Image AddedUnder “Advanced features” select “Make API calls using the as-user header” and “generate user access tokens”
Image AddedUnder Add and Manage Public Keys, click click Generate a Public/Private Keypair. When When you click Generate a Public/Private Keypair, Box will send a Verification code to the mobile number linked to the account. To use this feature, Two-factor authentication must be enabled on Box.
Image RemovedEnter the code sent to your mobile number.
- Image Added
Download the JSON file generated by “Generate a Public/Private Keypair.”
- Image Added
Save your changes and then point your browser to https://app.box.com.
Select Admin Console from sidebar.
Select Enterprise Settings and then click the Apps tab.
Image RemovedImage AddedUnder Custom Applications, click Authorize New App and wait for about 10 minutes some time before proceeding to the next step.
Copy the value for the ClientID of the application from the JSON file you downloaded above.
Paste the ClientID in the API Key field of the App Authorization dialog and then click Next.
Image RemovedImage AddedClick Authorize.
Image RemovedImage Added
After registering EmpowerID in Box, the next step is to create a Box account store in EmpowerID.
Step 2 – Create a Box account store in EmpowerID
On the navbar, expand Admin > Applications and Directories and select Account Stores and Systems.
On the Account Stores page, click Create Account Store.
Under System Types, search for Box.
Click Box to select the type and then click Submit.
Image RemovedImage AddedOn the Box Settings page that appears, do the following:
Enter a Name in the Name field.
Enter a UPN Suffix in the UPN Suffix field.
Click Choose File and upload the application JSON file you downloaded from Box.
Click Submit.
EmpowerID creates the account store and the associated resource system. The next step is to configure the attribute flow between the account store and EmpowerID.
Step 3 – Configure Attribute flow
Insert excerpt | ||||||
---|---|---|---|---|---|---|
|
Now that the attribute flow has been set, the next steps include configuring the account store and enabling EmpowerID to inventory it.
Step 4 – Configure account store settings
On the Account Store and Resource System page, select the Account Store tab and then click the pencil icon to put the account store in edit mode.
Image RemovedImage Added
Image RemovedImage Added
This opens the edit page for the Box account store. This page allows you to specify the account proxy used to connect EmpowerID to your Box account as well as how you want EmpowerID to handle the user information it discovers in Box during inventory. Settings that can be edited are described in the table below the image.Insert excerpt IL:Account Store Settings (Non-AD) V21 IL:Account Store Settings (Non-AD) V21 nopanel true Edit the account store as needed and then click Save to save your changes.
Next, enable the Account Inbox permanent workflow to allow the Account Inbox to provision or join the user accounts in Box to EmpowerID Persons as demonstrated below.
Tip |
---|
EmpowerID recommends using the Account Inbox for provisioning and joining. |
Step 5 – Enable Account Inbox Permanent Workflow
Insert excerpt | ||||||
---|---|---|---|---|---|---|
|
Step 6 – Monitor Inventory
Insert excerpt | ||||||
---|---|---|---|---|---|---|
|
Insert excerpt | ||||||
---|---|---|---|---|---|---|
|
Div | ||||||||
---|---|---|---|---|---|---|---|---|
| ||||||||
IN THIS ARTICLE
|
Insert excerpt | ||||||
---|---|---|---|---|---|---|
|