Prerequisites for Creating a Connection

Before you can create a connection with the Box Adapter, you must satisfy the following prerequisites.

• Sign Up for a Box Developer Account

• Create an OAuth Application

• Get Your Client ID and Secret

• Enter Your Redirect URL
• Get Your Signature Keys

  Note:

  You need to get these keys only if you want to use a webhook notification to trigger the start of an integration flow. These keys validate that the notification originated from Box.

Sign Up for a Box Developer Account

To integrate, extend, and build applications with the Box Platform and Oracle Integration, you must have a Box developer account.

To create an account, visit the Box Developers website (https://developer.box.com), click Sign Up, and follow the on-screen instructions.

Don't forget to review the terms and documentation after you get your account.

Create an OAuth Application

To obtain the proper access token to execute the Box API securely, the Box Adapter uses the Box OAuth 2.0 authentication and authorization framework.

For information about OAuth 2.0 supported by Box, see the documentation on the Box website:

https://developer.box.com/en/guides/authentication/

To create an OAuth application on the Box platform and enable this authentication route:

1. Sign in to the Box Developer console.
2. Click Create New App.
3. In the resulting page to choose the application type, select Custom App.
4. In the Custom App dialog, select the option User Authentication (OAuth 2.0).
5. Enter a unique name for your app in the App Name field.
6. Click Create App.

Your application is now configured and ready to be used.

Get Your Client ID and Secret

When you create the OAuth application, Box automatically generates a client ID and a client secret.

To get your client values:

1. Sign in to the Box Developer console.
2. Click Configuration.
3. Scroll the page to the OAuth 2.0 Credentials section.
4. Copy the values for your client ID and client secret. You'll need to enter those values in the Credentials dialog when you configure security for your connection in Oracle Integration.

Enter Your Redirect URL

Enter the OAuth callback URL of your Oracle Integration instance.

1. Sign in to the Box Developer console.
2. Click the Configuration tab at the top of the page.
3. Scroll to the OAuth 2.0 Redirect URI section.
4. In the Redirect URI field, enter the OAuth callback URL of your Oracle Integration instance. Your redirect URI should have the following syntax.

   Note:

   If you don't know the following information, check with your administrator:

   • If your instance is new or upgraded from Oracle Integration Generation 2 to Oracle Integration 3.
   • The complete instance URL with the region included (required for new instances).

   For Connections…	Include the Region as Part of the Redirect URL?	Example of Redirect URL to Specify…
   Created on new Oracle Integration 3 instances	Yes.	https://OIC_instance_URL.region.ocp.oraclecloud.com/icsapis/agent/oauth/callback
   Created on instances upgraded from Oracle Integration Generation 2 to Oracle Integration 3	No. This applies to both: New connections created after the upgrade Existing connections that were part of the upgrade	https://OIC_instance_URL.ocp.oraclecloud.com/icsapis/agent/oauth/callback

Get Your Signature Keys

If you want to use a webhook notification to trigger the start of an integration flow, you need to generate the keys for primary and secondary signatures. These keys validate that the notification originated from Box.

The Box Adapter secures webhook notifications by verifying the notifications against signature keys. These keys are used to sign every notification from Box to ensure that the notification is authentic.

To ensure no downtime, Box uses two signature keys for signing webhook notifications. Verifying either signature can be deemed as sufficient to verify the authenticity of the message. Therefore, one key can be regenerated and changed in Oracle Integration enabling the remaining key to still work. The other key can be updated once the first key has been updated. This two-key approach ensures that there's no downtime in notification verification.

To get the signature keys:

1. Sign in to the Box Developer console.
2. Open the OAuth application that you created.
3. Click the Webhooks tab.
4. Generate the keys for the primary and secondary signatures.
5. Copy the values for the signature keys. You'll need to enter those values in the Credentials dialog when you configure security for your connection in Oracle Integration.