When you or your users set up a Box connection (needed for Box connectors) on your Website as a Service website, the authorization message needs to show your brand instead of our brand.

 

This is done by registering for Box API access on a Box account that reflects your company or brand name.


If you're creating a new Box account, make sure to use a general email address that reflects your brand's web domain.

Something like info@myapp.com or support@myapp.com would be ideal.

 

The next step is getting your API app keys from Box:

  • Go to https://app.box.com/developers/services/edit/ and sign in with your Box account.
  • To get started, you need to create a new Box App. Select Custom App, followed by the Next button.

  • On the authentication method page that appears, click on the Standard OAuth 2.0 (User Authentication) option and click the Next button.

  • Give your application a unique name, click the Create App button, then click the View Your App button on the next page.


Your newly created OAuth application will be presented on the Configuration page, allowing you to configure it further.


Next, we need to configure the OAuth Application. On the configuration page of the new OAuth application, adjust the following settings to your needs:

  • OAuth 2.0 Credentials: Copy the Client ID and Client Secret values and paste these into the provided Box API Access fields on your Site Integrations page back on the platform.

    Make sure to save your changes to the Site Integrations page.

  • OAuth 2.0 Redirect URI:  Next, you need to set the OAuth2 Redirect URIs to point to your WaaS site.

    Your OAuth2 redirect URI is also found on your Site Integrations page on our platform, beneath the Client ID and Client Secret, as outlined in the previous step. Copy the redirect URL from the Box API Access Details on the platform and paste it into the Redirect URI field of the Box configuration page.

  • Application Scopes: Ensure that the Read and write all files and folders stored in Box option is checked.

  • CORS Domains: The CORS domain would be the WaaS domain. e.g. secure.mycompany.com.


Finally, save the changes.