With the release of Google Chrome 142 and Microsoft Edge 143, Box users will be prompted to allow or block local network access when a website tries to connect to a software app on your local machine.
Box relies on this mechanism to communicate with the Box Tools software on the same device for features like Open in Desktop, Device Trust posture checks for user logins, and CAC/PIV signature workflows. Because the Box web app relies on local communication with Box Tools, if the user does not grant permission, these features will stop working.
This browser prompt is used only for authentication. Box will not access or read information from other devices on your local network. It communicates only with the device where Device Trust, Box Edit, or CAC/PIV signature workflows are being used.
Below are the details of the user impact and the actions admins or end users can take to prevent this disruption.
Impact to End Users if Permission is Blocked or Not Granted
Users may see an unexpected browser permission prompt asking for local network access. Selecting “Block” will impact:
- Box Edit (“Open in Desktop App”) will no longer function
- Device Trust login flows will fail — users may be unable to log in to box.com
-
CAC/PIV signature workflows will not complete
Admin Action Required to Suppress Prompt
Administrators in managed Chromium environments can pre-grant local network access to trusted domains so end users never see the prompt.
To learn more about this policy from Google, see here.
To learn more about this policy from Microsoft, see here.
- In Google Admin Console, go to:
Devices > Chrome > Settings > Users & browsers > Security > Local Network Access - In the Allowed for local network access field, add:
- *://[*.]box.com
- *://[*.]box.net
- *://[*.]boxcn.net
- *://[*.]boxcdn.net
- *://[*.]boxenterprise.net
- Save changes and allow the policy to propagate.
End User Instructions to Allow Access
If you are prompted with “Look for and connect to any device on your local network” while using Box, click Allow.
If you already declined:
- In Chrome, go to:
chrome://settings/content/localNetworkAccess- In Edge, go to: edge://settings/content/localNetworkAccess
- Or manually:
- Menu (three dots) > Settings
- Privacy and security > Site Settings
- Scroll to Additional Permissions > Local network access
-
Under Allowed to connect to any device on your local network, click Add and enter:
[*.]box.com [*.]box.net [*.]boxcn.net [*.]boxcdn.net [*.]boxenterprise.net
- Refresh your browser and retry the operation.
If you are in a managed environment and cannot edit this list, please reach out to your Box admin.
Managed Environment Indicators
You are likely in a managed environment if:
- Chrome settings show: “Your browser is managed by [organization]”
- The Add box under Local network access is greyed out / not editable
To learn more about this update, please read the product announcement. For any questions or concerns regarding this functionality and your organization, please reach out to your account team or Product Support team.