Box apps are applications that enable you to connect to your Box account from within a third party vendor’s account or open/create content in Box using a third party vendor’s application.
An example of each:
-
Accessing your Box account from within Outlook to create and share a link to a file or folder
-
Creating a Google Doc or Word Document within the Box web interface
Vendors work with Box to have their app listed in Box’s App store which you can access by going to https://oregonstate.app.box.com/apps or clicking on the Apps link in your profile menu. These “published” applications are enabled by default as they have completed an application process with Box.
Applications that have not completed the application process and are not listed in Box’s app store are “unpublished” applications. Unpublished applications may also be applications written by you or someone else using Box’s API. Unpublished applications are disabled by default in OSU’s Box instance. Please see OSU's Box Approved Apps page.
How do I add an app to my account?
Published apps can be added by clicking on the “+Add” button on the app’s description page. That will install and enable that app on your Box account.
Unpublished apps have to be individually permitted in order to work on OSU’s Box instance. To do that the developer has to provide the client_id or API for the application. These are available to the application developer in the application settings in their Box Developers account. Until they are provided the application will not work. Submit a support request along with the above information to IS Support to have an unpublished app enabled.
The published app isn’t working, now what?
Not all published apps use or are compatible with OSU’s SSO process. In those instances you will need to set an external password. (Please see how to set an external password and external password requirements on OSU’s Box FAQ page). Examples of apps that are not compatible are FTP and WebDAV.
If the app is said to be compatible with SSO or OAuth then it may be that the developer has not set up the application completely. In that case it may be necessary to manually publish the client_id or API from the app. The developer will need to provide this in order for us to enable the app.
How do I get support for Box Apps?
IS Support will provide tier 1 and tier 2 support for applications listed on the Approved Apps page on this site. For other third party applications, published or unpublished, you will need to first contact the application’s support team for support. In some cases it may be necessary to engage IS Support to assist in solving a problem with a third party application. In those instances submit a request along with the following information:
-
Application vendor.
-
Name of the application if different from #1.
-
Application support/Documentation (link or attachment).
-
Description of the problem.
-
List of steps you tried along with any steps the application support team had you attempt along with any screenshots of the issue (optional). Please include any information the application's support team wishes to relay to us.
-
Tell us what OS you use. If the app is used with a browser, what browser you were using at the time and if you tried any other browsers.
-
POC and/or support request number for the application vendor.
I noticed that the app has a fee associated with it.
Many apps require that you have an account with the vendor or that you license their app to use it. Unless the app is provided as a part of OSU’s Box service or another service then any costs must be paid by your department or unit.
Are third party apps secure?
The contract that OSU has with box about security, privacy, export policy, and storage location does not cover these applications. You need to be circumspect in using Box apps if there is any concern with respect to your data in these area. After all, you are responsible for your data.
Each application vendor will have a terms of service, privacy policy, and possibly a security statement. You should review these in advance to find out what protections are afforded your data. If it is not clear you should call their support team to get clarification. Every vendor handles your data differently. There will be cases where your data is processed and stored, even temporarily, on their infrastructure. There are also cases where your data may be moved out of your Box account to their servers. OSU requires by default that any web integration use SSL to ensure data is not transferred unencrypted. That does not protect your data at rest on a third party vendor system.