Box

​

About Box

​

How It Works

​

Prerequisites

• Browser popups allowed for your Iru domain.
• A Box account with sufficient rights for the folders and users under review.

​

Connect Box to Iru

• Box
• Iru Compliance

Complete this tab before you enable Box in Iru Compliance, so the right user is ready for OAuth.

1

Sign in to Box

Open box.com and sign in with the account you will use in the OAuth popup (prefer co-admin or admin visibility for org-wide evidence).

2

Confirm enterprise visibility

Browse Admin Console (or equivalent) and spot-check users, groups, and folders your audit program must cover. If this user cannot see an object in Box, Iru cannot read it either.

3

Review OAuth scopes

Skim Box’s OAuth 2.0 and Scopes docs so the consent screen matches your expectations.

4

Allow pop-ups for Iru

In the browser profile you will use for Compliance, allow pop-ups for your Iru hostname so the Box consent window is not blocked.

Continue on the Iru Compliance tab.

Finish the Box tab first.

1

Open Sources

In Iru Compliance, on the left navigation bar, expand Compliance and select Sources.

2

Turn on Box

Find Box (use Category or Search by name or description). On that card, turn on the toggle. A browser tab or window may open for the connector wizard.

3

Start OAuth from the wizard

Choose Launch OAuth (or the equivalent control) in the connector wizard.

4

Sign in to Box and approve

Complete Box login, review scopes, and select Grant access to Box (wording may read Grant). Close the popup when the wizard tells you to.

5

Finish the connection

When the Box popup closes and Iru finishes the token exchange, the wizard shows Connection Configured.

6

Confirm the source is Active

Close the Iru is requesting access to external services browser tab, then return to Compliance → Sources and confirm the Box card is Active.

​

Troubleshooting

​

Considerations

​

Related Articles