Connect Box to Microsoft Cloud App Security
This section provides instructions for connecting Cloud App Security to your existing Box account using the App Connector APIs.
How to connect Box to Cloud App Security
Deploying with an account that is not an Admin account leads to a failure in the API test and does not allow Cloud App Security to scan all of the files in Box. If this is a problem for you, you can deploy with a Co-Admin that has all of the privileges checked, but the API test will continue to fail and files owned by other admins in Box will not be scanned.
If you restrict application permission access, follow this step. Otherwise, skip to step 2.
In the Box Admin console, click the settings icon followed by Business settings.
Click on the Apps tab.
If Unpublished Applications is selected, in the Except for text box, add the Cloud App Security app serial number:
US1 data center:
US2 data center:
EU1 data center:
Then click Save. For information on how to see which Cloud App Security data center you are connected to, see API tokens.
If you are an existing Adallom customer, and your console URL is for Adallom and not Cloud App Security, use this app serial number: bwahmilhdlpbqy2ongkl119o3lrkoshc.
In the Cloud App Security portal, click Investigate and then Connected apps.
In the App connectors page, click the plus sign button and select Box.
In the Box settings pop-up, click Follow this link.
The Box logon page opens. Enter your credentials to allow Cloud App Security access to your team's Box app.
Box asks you if you want to allow Cloud App Security access to your team information, activity log, and perform activities as a team member. To proceed, click Allow.
Back in the Cloud App Security portal, you should receive a message saying that Box was successfully connected.
Make sure the connection succeeded by clicking Test API.
Testing may take a couple of minutes. After receiving a success notice, click Close.
Box is now connected to Cloud App Security.
After connecting Box, you will receive events for 60 days prior to connection.
After connecting Box, Cloud App Security performs a full scan. Depending on how many files and users you have, completing the full scan can take awhile. To enable near real-time scanning, files on which activities are detected are moved to the beginning of the scan queue. For example, a file that is edited, updated, or shared is scanned right away rather than waiting for the regular scan process. Near real-time scanning does not apply to files that are not inherently modified. For example, files that are viewed, previewed, printed, or exported are scanned as part of the regularly scheduled scan.