Learn practical AI for business and earn your AI Professional certification. — Learn More

Box Status
Print

Known Issue: Co-Authoring and Box Shield Suspicious Location Policy

Known Issue , Box Shield , Co-Authoring , Suspicious Location Policy

Issue

When trying to use Box for Microsoft Office Co-Authoring, you may see the error:

  • “Sorry, we could not sign you into Box. Please try again later.”

You may also see related errors when opening co-authorable files:

  • “We can't open 'File.docx' as it is not supported.”
  • “Sorry, we couldn’t open 'https://api.box.com/wopi/files/.../File.docx’.”

 

Cause

Microsoft has confirmed it does not provide geo-specific processing for CSPP or CSPP Plus, and cannot guarantee where co-authoring service requests are processed except for FedRAMP-specific scenarios. As a result, Box Shield’s Suspicious Location IP check can sometimes block Microsoft Co-Authoring server IPs and cause the sign-in/open failures above.

 

Workaround / Recommended Action

Box recommends that Box Admins exclude Microsoft Co-Authoring server IPs from the Box Shield Suspicious Location IP check.

Microsoft  URLs and IP address ranges can be found at https://learn.microsoft.com/en-us/microsoft-365/enterprise/urls-and-ip-address-ranges?view=o365-worldwide.

 

Steps:

  1. Identify your organization’s Microsoft Co-Authoring server IP addresses (consult Microsoft or your tenant/network team if needed).
  2. In the Box Admin Console, go to Box Shield > Suspicious Location > IP Exclusions.
  3. Add the identified Microsoft Co-Authoring server IPs to the exclusion list.
  4. Save changes and test co-authoring access.

 

Notes and cautions

Excluding IPs from Suspicious Location reduces the likelihood of false positives but may slightly lower location-based protections. Balance this change with your organization’s security requirements.

If your organization requires strict geo-restrictions (for example, non-FedRAMP scenarios), consult your security team before applying exclusions.

If you are a FedRAMP customer, Microsoft may provide different processing guarantees; contact Microsoft support for details.

 

If problems persist

  • Confirm the exact error message and time of occurrence.
  • Verify the IPs you excluded match the sources in your Box Shield logs.
  • Contact Box Support with logs and the affected user(s) information for further assistance.

Related articles