Box
The Box connector lets you connect to a Box backend and use SQL to retrieve and update Box data.
Supported versions
This connector supports Box Content API version 2.0.
Before you begin
Before using the Box connector, do the following tasks:
- In your Google Cloud project:
- Grant the roles/connectors.admin IAM role to the user configuring the connector.
- Grant the following IAM roles to the service account that you want to use for the connector:
roles/secretmanager.viewer
roles/secretmanager.secretAccessor
A service account is a special type of Google account intended to represent a non-human user that needs to authenticate and be authorized to access data in Google APIs. If you don't have a service account, you must create a service account. For more information, see Creating a service account.
- Enable the following services:
secretmanager.googleapis.com
(Secret Manager API)connectors.googleapis.com
(Connectors API)
To understand how to enable services, see Enabling services.
If these services or permissions have not been enabled for your project previously, you are prompted to enable them when configuring the connector.
Configure the connector
Configuring the connector requires you to create a connection to your data source (backend system). A connection is specific to a data source. It means that if you have many data sources, you must create a separate connection for each data source. To create a connection, do the following steps:
- In the Cloud console, go to the Integration Connectors > Connections page and then select or create a Google Cloud project.
- Click + CREATE NEW to open the Create Connection page.
- In the Location section, choose the location for the connection.
- Region: Select a location from the drop-down list.
For the list of all the supported regions, see Locations.
- Click NEXT.
- Region: Select a location from the drop-down list.
- In the Connection Details section, complete the following:
- Connector: Select Box from the drop down list of available Connectors.
- Connector version: Select the Connector version from the drop down list of available versions.
- In the Connection Name field, enter a name for the Connection instance.
Connection names must meet the following criteria:
- Connection names can use letters, numbers, or hyphens.
- Letters must be lower-case.
- Connection names must begin with a letter and end with a letter or number.
- Connection names cannot exceed 63 characters.
- Optionally, enter a Description for the connection instance.
- Service Account: Select a service account that has the required roles.
- Optionally, configure the Connection node settings:
- Minimum number of nodes: Enter the minimum number of connection nodes.
- Maximum number of nodes: Enter the maximum number of connection nodes.
A node is a unit (or replica) of a connection that processes transactions. More nodes are required to process more transactions for a connection and conversely, fewer nodes are required to process fewer transactions. To understand how the nodes affect your connector pricing, see Pricing for connection nodes. If you don't enter any values, by default the minimum nodes are set to 2 (for better availability) and the maximum nodes are set to 50.
- Impersonate User Mode: Specify the type of the user impersonation. It should be whether the User mode or the Admin mode.
- Use proxy: Select this checkbox to configure a proxy server for the connection and configure the following values:
-
Proxy Auth Scheme: Select the authentication type to authenticate with the proxy server. The following authentication types are supported:
- Basic: Basic HTTP authentication.
- Digest: Digest HTTP authentication.
- Proxy User: A user name to be used to authenticate with the proxy server.
- Proxy Password: The Secret manager secret of the user's password.
-
Proxy SSL Type: The SSL type to use when connecting to the proxy server. The following authentication types are supported:
- Auto: Default setting. If the URL is an HTTPS URL, then the Tunnel option is used. If the URL is an HTTP URL, then the NEVER option is used.
- Always: The connection is always SSL enabled.
- Never: The connection is not SSL enabled.
- Tunnel: The connection is through a tunneling proxy. The proxy server opens a connection to the remote host and traffic flows back and forth through the proxy.
- In the Proxy Server section, enter details of the proxy server.
- Click + Add destination.
- Select a Destination Type.
- Host address: Specify the hostname or IP address of the destination.
If you want to establish a private connection to your backend system, do the following:
- Create a PSC service attachment.
- Create an endpoint attachment and then enter the details of the endpoint attachment in the Host address field.
- Host address: Specify the hostname or IP address of the destination.
- Optionally, click + ADD LABEL to add a label to the Connection in the form of a key/value pair.
- Click NEXT.
-
In the Authentication section, enter the authentication details.
- Select an Authentication type and enter the relevant details.
The following authentication types are supported by the Box connection:
- OAuth 2.0 - Client credentials
- OAuth 2.0 - Authorization code
- Click NEXT.
To understand how to configure these authentication types, see Configure authentication.
- Select an Authentication type and enter the relevant details.
- Review: Review your connection and authentication details.
- Click Create.
Configure authentication
Enter the details based on the authentication you want to use.
-
OAuth 2.0 - Client credentials
- Client ID: The client id provided by connector for the app you created.
- Client Secret: Secret Manager Secret containing the client secret for the connected app you created.
- Private Key: Secret Manager Secret containing the contents of the private key file. The private key should match the public key/certificate provided to Connector.
- Private Key Password: Secret Manager Secret containing the password (paraphrase) of the private key file.
- Box Application Access Level: Application Access level for the Box App
- Enterprise Id/User Id: Enterprise Id if App level is enterprise and User Id if App Level is user
- OAuth JWT Public Key Id: The Id of the public key for JWT.
- Auth Scheme: Auth Scheme for Box Connector
- Initiatiate OAuth: Initiatiate OAuth parameter for Box Connector
- OAuth JWT Cert Type: OAuth JWT Cert Type for Box Connector
- OAuth 2.0 - Authorization code
- Client ID: Client ID as provided by your external application.
- Scopes: Permission scopes. For example,
root_readonly
. To understand how the scopes work and to view all the available scopes for Box, see Scopes. - Client secret: Select the Secret Manager secret. You should have created the Secret Manager secret prior configuring this authorization.
- Secret version: Secret Manager secret version for client secret.
For the Authorization code
authentication type, after creating the connection, you
should perform a few additional steps for configuring authentication. For more information,
see Additional steps after connection creation.
Additional steps after connection creation
If you selected OAuth 2.0 - Authorization code
for
authentication, you must do the following additional steps after creating the connection:
- In the Connections page,
locate the newly created connection.
Notice that the Status for the new connector will be Authorization required.
- Click Authorization required.
This shows the Edit authorization pane.
- Copy the Redirect URI value to your external application.
- Verify the authorization details.
- Click Authorize.
If the authorization is successful, the connection status will be set to Active in the Connections page.
Re-authorization for authorization code
If you are using Authorization code
authentication type and have made any cofiguration changes in your Box application,
you must re-authorize your Box connection. To re-authorize a connection, perform the following steps:
- Click on the required connection in the Connections page.
This opens the connection details page.
- Click Edit to edit the connection details.
- Verify the OAuth 2.0 - Authorization code details in the Authentication section.
If required, make the necessary changes.
- Click Save. This takes you to the connection details page.
- Click Edit authorization in the Authentication section. This shows the Authorize pane.
- Click Authorize.
If the authorization is successful, the connection status will be set to Active in the Connections page.
Entities, operations, and actions
All the Integration Connectors provide a layer of abstraction for the objects of the connected application. You can access an application's objects only through this abstraction. The abstraction is exposed to you as entities, operations, and actions.
- Entity: An entity can be thought of as an object, or a collection of properties, in the
connected application or service. The definition of an entity differs from a connector to a
connector. For example, in a database connector, tables are the entities, in a
file server connector, folders are the entities, and in a messaging system connector,
queues are the entities.
However, it is possible that a connector doesn't support or have any entities, in which case the
Entities
list will be empty. - Operation: An operation is the activity that you can perform on an entity. You can perform
any of the following operations on an entity:
Selecting an entity from the available list, generates a list of operations available for the entity. For a detailed description of the operations, see the Connectors task's entity operations. However, if a connector doesn't support any of the entity operations, such unsupported operations aren't listed in the
Operations
list. - Action: An action is a first class function that is made available to the integration
through the connector interface. An action lets you make changes to an entity or entities, and
vary from connector to connector. Normally, an action will have some input parameters, and an output
parameter. However, it is possible
that a connector doesn't support any action, in which case the
Actions
list will be empty.
Actions
This section lists all the actions supported by the Box connection.
DownloadFile action
This action lets you download a file from your Box instance.
Input parameters of the DownloadFile action
Parameter Name | Data Type | Required | Description |
---|---|---|---|
FileID | String | Yes | The ID of the file to download. |
HasBytes | Boolean | Yes | Specifies whether do download the file as a string or as a Base64 encoded string. |
Output parameters of the DownloadFile action
This action returns the status 200 (OK) with a response body indicating the results.
Parameter Name | Data Type | Description |
---|---|---|
Success | String | Specifies whether fhe file download was successful. |
ContentBytes | String | The file content as a Base64 encoded string. |
For example on how to configure the DownloadFile
action,
see Action examples.
UploadFile action
This action lets you upload a file to your Box instance.
Input parameters of the UploadFile action
Parameter Name | Data Type | Required | Description |
---|---|---|---|
ParentID | String | Yes | ID of the folder in which you want to upload the file. If this parameter isn't specified, the file will be uploaded to the root of the Box account. The default value is 0. |
Content | String | Yes | The file content to be uploaded. |
Output parameters of the UploadFile action
This action returns the status 200 (OK) with a response body indicating the results.
Parameter Name | Data Type | Description |
---|---|---|
Success | String | Specifies whether fhe file upload was successful. |
ID | String | ID of the newly created file. |
VersionID | String | ID of a specific version of the file. |
Hash | String | The SHA1 hash of the file. |
Etag | String | Etag value of the file or the folder. The default value is 0. |
For example on how to configure the UploadFile
action,
see Action examples.
CopyFile action
This action lets you copy a file from your Box instance.
Input parameters of the CopyFile action
Parameter Name | Data Type | Required | Description |
---|---|---|---|
FileID | String | Yes | ID of the file you want to copy. |
DestinationFolderId | String | No | ID of the destination folder where you want to copy the file. If you don't specify any value, the latest version of the file is copied. |
NewName | String | Yes | New file name for the copied file. |
Output parameters of the CopyFile action
This action returns the status 200 (OK) with a response body indicating the results.
Parameter Name | Data Type | Description |
---|---|---|
Success | String | Specifies whether fhe file copy was successful. |
ID | String | ID of the copied file. |
For example on how to configure the CopyFile
action,
see Action examples.
CopyFolder action
This action lets you copy an entire folder from your Box instance.
Input parameters of the CopyFolder action
Parameter Name | Data Type | Required | Description |
---|---|---|---|
FolderID | String | Yes | ID of the folder you want to copy. |
DestinationFolderId | String | Yes | ID of the destination folder where you want to copy the folder. |
NewName | String | No | New file name for the copied folder. |
Output parameters of the CopyFolder action
This action returns the status 200 (OK) with a response body indicating the results.
Parameter Name | Data Type | Description |
---|---|---|
Success | String | Specifies whether the folder copy was successful. |
ID | String | ID of the copied folder. |
For example on how to configure the CopyFolder
action,
see Action examples.
Action examples
This section describes how to perform some of the actions in this connector.
Example - Download a file
- In the
Configure connector task
dialog, clickActions
. - Select the
DownloadFile
action, and then click Done. - In the Task Input section of the Connectors task, click
connectorInputPayload
and then enter a value similar to the following in theDefault Value
field:{ "FileID": "1283194869422", "HasBytes": true }
This example downloads a file as a Base64 encoded string. If the action is successful, your
connector task's connectorOutputPayload
response
parameter will have a value similar to the following:
[ { "Success": "True"}, {"ContentBytes": "JVBERi0xLjQKJcfl9OXwCjIgMCBvYmoKJSBbMjRdIAo8PAovRmlsdGVy"} ]
Example - Upload a file
- In the
Configure connector task
dialog, clickActions
. - Select the
UploadFile
action, and then click Done. - In the Task Input section of the Connectors task, click
connectorInputPayload
and then enter a value similar to the following in theDefault Value
field:{ "ParentId": "0", "Content": "12345" }
This example uploads string content as a file. If the action is successful, your
connector task's connectorOutputPayload
response
parameter will have a value similar to the following:
[{ "Success": "true", "ID": "1283902965389", "VersionID": "1403546001389", "Hash": "8cb2237d0679ca88db6464eac60da96345513964", "Etag": "0" }]
Example - Copy a file
- In the
Configure connector task
dialog, clickActions
. - Select the
CopyFile
action, and then click Done. - In the Task Input section of the Connectors task, click
connectorInputPayload
and then enter a value similar to the following in theDefault Value
field:{ "FileID": "1288751886061", "DestinationFolderId": "219105724517", "NewName": "NewCopiedFile" }
This example copies the file with ID 1288751886061
to the folder with ID 219105724517
. If the action is successful, your
connector task's connectorOutputPayload
response
parameter will have a value similar to the following:
[{ "Success": "true", "ID": "1308006018536" }]
Example - Copy a folder
- In the
Configure connector task
dialog, clickActions
. - Select the
CopyFolder
action, and then click Done. - In the Task Input section of the Connectors task, click
connectorInputPayload
and then enter a value similar to the following in theDefault Value
field:{ "FolderID": "218475301279", "DestinationFolderId": "0", "NewName": "NewCopiedFolder" }
This example copies the folder with ID 218475301279
to the folder with ID 219105724517
. If the action is successful, your
connector task's connectorOutputPayload
response
parameter will have a value similar to the following:
[{ "Success": "true", "ID": "226312444517" }]
Entity operation examples
Example - List all the files
This example lists the files in the Files
entity.
- In the
Configure connector task
dialog, clickEntities
. - Select
Files
from theEntity
list. - Select the
LIST
operation, and then click Done. - Optionally, you can enter values in the filterClause to filter the result set.
Example - Get a ticket
This example gets a specific ticket from the Tickets
entity.
- In the
Configure connector task
dialog, clickEntities
. - Select
Tickets
from theEntity
list. - Select the
GET
operation, and then click Done. - In the Task Input section of the Connectors task, click EntityId and
then enter
35
in the Default Value field.Here,
35
is the primary key value of theTickets
entity.
Example - Create a ticket
This example creates a ticket in the Tickets
entity.
- In the
Configure connector task
dialog, clickEntities
. - Select
Tickets
from theEntity
list. - Select the
Create
operation, and then click Done. - In the Task Input section of the Connectors task, click
connectorInputPayload
and then enter a value similar to the following in theDefault Value
field:{ "Subject": "Create_Ticket_01", "Description": "Test", "Type": "incident", "Priority": "urgent", "Status": "open", "Recipient": null, "HasIncidents": false, "DueAt": null, "RequesterId": 3.84625885158E11, "SubmitterId": 3.84625883418E11, "AssigneeId": 3.84625883418E11, "OrganizationId": "16665992392721", "GroupId": 3.60008282358E11, "TicketFormId": 3.60001719218E11, "BrandId": 3.60003285058E11 }
If the integration is successful, the connector task's
connectorOutputPayload
field will have a value similar to the following:{ "Id": 38.0 }
Example - Update a ticket
This example updates the specified ticket in the Tickets
entity.
- In the
Configure connector task
dialog, clickEntities
. - Select Tickets from the
Entity
list. - Select the
Update
operation, and then click Done. - In the Task Input section of the Connectors task, click
connectorInputPayload
and then enter a value similar to the following in theDefault Value
field:{ "Subject": "Update_Ticket_02", "Description": "Updating the ticket", "RequesterId": 1.6854335860497E13 }
- Click entityId, and then enter
35
in the Default Value field.Alternately, instead of specifying the entityId, you can also set the filterClause to
35
.If the integration is successful, the connector task's
connectorOutputPayload
field will have a value similar to the following:{ Id": 35.0 }
Example - Delete a ticket
This example deletes the specified ticket from the Tickets
entity.
- In the
Configure connector task
dialog, clickEntities
. - Select Tickets from the
Entity
list. - Select the
Delete
operation, and then click Done. - In the Task Input section of the Connectors task, click entityId and
then enter
35
in the Default Value field.
Use terraform to create connections
You can use the Terraform resource to create a new connection.To learn how to apply or remove a Terraform configuration, see Basic Terraform commands.
To view a sample terraform template for connection creation, see sample template.
When creating this connection by using Terraform, you must set the following variables in your Terraform configuration file:
Parameter name | Data type | Required | Description |
---|---|---|---|
impersonate_user_mode | ENUM | True | Specify the type of the user impersonation. It should be whether the User mode or the Admin mode. Supported values are: User, Admin |
proxy_enabled | BOOLEAN | False | Select this checkbox to configure a proxy server for the connection. |
proxy_auth_scheme | ENUM | False | The authentication type to use to authenticate to the ProxyServer proxy. Supported values are: BASIC, DIGEST, NONE |
proxy_user | STRING | False | A user name to be used to authenticate to the ProxyServer proxy. |
proxy_password | SECRET | False | A password to be used to authenticate to the ProxyServer proxy. |
proxy_ssltype | ENUM | False | The SSL type to use when connecting to the ProxyServer proxy. Supported values are: AUTO, ALWAYS, NEVER, TUNNEL |
Use the Box connection in an integration
After you create the connection, it becomes available in both Apigee Integration and Application Integration. You can use the connection in an integration through the Connectors task.
- To understand how to create and use the Connectors task in Apigee Integration, see Connectors task.
- To understand how to create and use the Connectors task in Application Integration, see Connectors task.
Get help from the Google Cloud community
You can post your questions and discuss this connector in the Google Cloud community at Cloud Forums.What's next
- Understand how to suspend and resume a connection.
- Understand how to monitor connector usage.
- Understand how to view connector logs.