Box

Capabilities overview

Box is a cloud-based content management system with collaboration, security, analytics and other features related to files and information. Box helps users easily manage and share files across a business.

Box pricing page

Supported capability Required plan Details
Passwordless SSO Business plan High SSO tax
Automated provisioning Business plan API (create, remove, update accounts)
Password manager Any Auto-fill / Auto-capture

Prerequisites

In order to integrate idemeum with Box you will first need to obtain SAML metadata parameters for your idemeum tenant. Specifically you will need:

  • SAML XML metadata file

You will need to navigate to idemeum admin portal and download SAML metadata file. Instructions for how to do that are below.

How to obtain SAML metadata for idemeum
SAML metadata is the data that describes the information needed to communicate between your SaaS application and idemeum in order to enable Single Sign-On. Based on SAML terminology SaaS application is called Service Provider (SP) and idemeum will be Identity Provider (IDP). Typically you will be a…

Passwordless Single Sign-On (SAML)

Configure SSO in Box

Setting up Box and idemeum SAML integration is a manual process and will involve contacting Box support team to help out with the process.

  • You will need to open a support ticket with Box and request the team to add idemeum as Single Sign-On provider.
  • You can use this link to open the ticket with Box team.
  • When you open the ticket and fill out the form, make sure you include the following information:
    • idemeum XML metadata file that you obtained in the prerequisites section
    • Attribute for user email - Email
    • Attribute for firstname - FirstName
    • Attribute for lastname - LastName
  • It make take up to 24 hours to process the request, and the Box support team will confirm if any additional information is required.

Configure SSO in idemeum

  • Navigate to your idemeum admin portal at https://[your domain].idemeum.com/adminportal
  • Click Applications in the left menu
  • Search for Box application and click Add App
  • Click SAML at the top navigation menu
  • Enter your Box subdomain. You can get it from your URL -> https://[your subdomain].box.com
  • Click Save

Automated provisioning

  • Navigate to idemeum admin portal
  • Locate Box app
  • Click Provisioning
  • Click Authorize. You will need to enter admin credentials and authorize idemeum to provision users into Box.
  • Click Save

Application entitlements

Before users can access applications you need to make sure you entitle applications to them. In idemeum admin portal navigate to Entitlements section to assign applications to your employees.


SAML SSO login flows

Box supports both:

  • IDP Initiated Flow
  • SP Initiated Flow

IDP Initiated flow

With this flow users first navigate to idemeum user catalog and then click on Box icon to launch application.

SP Initiated flow

With this flow users can directly go to Box and login with passwordless SSO.

  • Navigate to your Box tenant at https://[your subdomain].box.com
  • Type in your email and you will be redirected to idemeum to do passwordless login