We are excited to introduce new admin controls for the Box MCP server, providing enterprises with the essential guardrails needed to manage how AI agents interact with their content. As enterprises look to automate more complex business processes, they require a safe way to enable "write" actions such as moving files, applying classifications, or updating metadata. These new controls allow admins to tailor agent capabilities to their organization's specific risk tolerance and compliance needs.
With this release, we launched a new Box MCP server tab within the Admin Console for admins to oversee and restrict the tools available to third-party AI platforms.
Admins are now able to:
- View all available MCP tools and their descriptions
- Quickly set access for entire tool categories (such as Files and Folders, Search, or Collaboration) to Disabled, Read-Only, Read & Write, or Custom.
- Use the Custom configuration to enable or disable specific individual tools within a group, ensuring agents only have the exact permissions required for their tasks.
Tools disabled by an admin are automatically hidden from end-users within their AI agent's context window, reducing confusion and preventing unauthorized action attempts.
Every configuration change is logged, allowing admins to track who changed a tool's status and when.