Managing platform apps

Only primary admins and co-admins with the correct permissions can access this area of the Admin Console.

Box Platform enables you to build custom applications on the Box platform, seamlessly integrating the full power of Box with your solutions.  You can allow the use of these custom applications in your enterprise by enabling or authorizing them through the Admin Console.

Authorizing and enabling custom applications

Using the Admin Console, you can

• authorize and enable custom server authentication apps, such as JSON Web Token (JWT) apps, client credential apps, and limited access apps,
• enable custom user authentication applications, such as OAuth 2.0 apps, and
• enforce global integration controls.

To authorize or enable a custom server authentication app:

1. Open your Admin Console.
2. In the left sidebar, click Integrations.
3. In the top of the window, click Platform Apps Manager.
4. Click Server Authentication Apps. Box displays information about these available apps, including their authorization states and enablement states.
5. Hover on the name of an app and click View.  Box displays authorization and enablement options.
6. Check the authorization and enablement options you want to apply, then click Apply.

To enable or disable a custom user authentication app via admin console: 

1. Open your Admin Console.
2. In the left sidebar, click Integrations.
3. In the top of the window, click Platform Apps Manager.
4. In the top-right corner of the window, click Add Platform App then enter the user authentication application client ID.
5. Click User Authentication Apps. Box displays information about these available apps, including their enablement states.
6. Click an application, then select the state you want to apply. 
7. Click Apply.

To enable or disable a custom user authentication app via an emailed request:

1. Open the email requesting enablement.
2. In the email, click Review App Details. Box displays information about the application.
3. Check the enablement options you want to apply, then click Apply. 

Enforcing global integration controls

For both custom server authentication apps and custom user authentication apps, you can enforce global settings to:

• disable integrations by default,
• disable authorized platform apps, and
• require admin approval for each platform app seeking limited access to accounts in your enterprise.

To enforce global integration controls:

1. Open your Admin Console.
2. In the left sidebar, click Integrations.
3. In the top of the window, click Platform Apps Manager.
4. In the top right corner of the window, click Settings. Box displays Global Integration Settings.
5. For each setting you want to enforce, click the slider button. For an explanation of each setting, see Using global integration settings, below.
6. Click Save.

Using global integration settings

Disable integrations by default

When you select Disable integrations by default, Box disables all integrations, except those that you explicitly select in Individual Integration Controls to add by default.

Disable unpublished platform apps by default

When you select Disable unpublished platform apps by default, Box disables all unpublished platform apps by default. However, account holders can enable these platform apps by performing one of the following:

• Highlight the entry for a disabled platform app in the Platform Apps section, and then click the ellipsis ("...") and select Enable App. The application is now able to access content.
  Or
• Click Add Platform App, and then click Enable App. The application is now able to access content.

Require manual admin authorization for limited access apps

When you select Require manual admin authorization for limited access apps, by default Box denies access to platform apps seeking limited access to Box accounts in your enterprise, and grants access to only those apps you authorize. When an account holder tries to use an unauthorized app for limited access, Box sends an email to you requesting you to authorize the app.