Skip to main content
Box.com Connector
Ian Mitchell avatar
Written by Ian Mitchell
Updated over a year ago

Our Box connector allows you to use your Box.com account for both External Post Production and Asset delivery. So you can harness their scalable and secure storage with your post-production providers and as a final resting place for your assets once they are done in Creative Force.

Please note that in order to authenticate the created Custom Apps access to the Box "Admin console" is needed for which you require a Box Business plan.

Further information here.

This article will show you the steps to set up the integration in Box.com.

Box uses JSON Web Tokens (JWT) as the most common way of connecting to External applications like Creative Force. Further information can be found in their knowledge base article on the topic.

The JWT flow

Part 1: Create a custom app in Box.com

  1. As a first step, you will want to ensure that you have two-factor authentication turned on for your Box account, via your Account settings as shown below:

2. From there, you will want to navigate to the Dev Console via https://app.box.com/developers/console

3. Once you are in the Dev Console, you will need to create a new app, by selecting "Custom App" from the options as shown below:

4. Then you can select Server Authentication (with JWT) and choose the name of the application and then create the app.

Note: You will need to have different Custom apps for External Post and Asset Delivery. Similarly, if you have multiple Asset Delivery locations or External Post Production Providers within your Box account, you will want to have custom apps for each.

When the app has been created, you will want to then navigate to the Application Scope section, and then allow for the following settings:

  • Read all files and folders stored in Box

  • Write all files and folders stored in Box

  • Manage webhooks

Note: If you change these settings in the future, you will have to reauthorize the app.

Part 2: Authorize and enable the app

  1. After defining the application scope, you can move over to the Webhooks section. Click Manage Signature Keys, from here, you can generate the Primary key and Secondary key.

Note: You must do this step before generating a Public/Private Keypair in order for the config.json file to have all the required info later when setting up the connection to Box.com in Gamma.

2. Then, move to the Configuration section and navigate to Add and Manage Public Keys so that you can generate a Public/Private Keypair. You will need to save the config.json file for use later during the step-up steps in Gamma.

Note: This step requires Two-factor Authentication to be enabled.


The first time you click on Generate a Public/Private Keypair you will be asked for a two-factor authentication step. Once done, it will redirect you back to the app page where you can click on Generate a Public/Private Keypair again, and the JSON file will be downloaded.

3. Afterward, navigate to the Authorisation section and click on Review and Submit

4. After this is done, you will need to go to the Admin section to enable the app.

Once in the Admin Section, navigate to the Apps section and, Custom Apps. From there, you can Authorise the app.

Part 3: Final set-up create folders on Admin account



After the app has been authorized by an Admin, you will want to go to the "App Details" out of the Dev. Console and copy your service account ID:

Once copied, you can go back into your Account and create an Upload and Download folder for your External Vendor and/or the Final Asset Delivery location folder:

Under "Invite additional people" you can paste in the previously copied service account ID:

That way the folders are now shared with the External Vendor.

From here, you are ready to connect Box.com with Creative Force as a post-production vendor here or as a delivery option here.

Did this answer your question?