Box
Org & personal connection
Box can be connected at the org level (shared credential for all groups) or personally by each team member. Admins set up the org connection; individuals connect their own account for personal access.
How to connect
Click "Connect with OAuth" below to authorize On Belay to access your Box account. You'll be redirected to Box to approve the connection — no credentials to copy or paste.
Heads-up for your Box admin: if your Box enterprise has "Disable unpublished apps by default" enabled (the security default), your admin needs to whitelist the On Belay app in the Box Admin Console before any user can connect. Share this guide with them.
Admin walkthrough (one-time per enterprise):
Sign in to Box as an admin or co-admin and open the Admin Console
Go to Apps → Custom Apps Manager
Click Authorize New App
Paste On Belay's Client ID (your On Belay admin can provide it — it'll be in the Box developer console once Engineering registers the OAuth app)
Confirm and authorize
After your admin has authorized the app, come back here and click "Connect with OAuth." The connection runs as the user who authorizes — connect from an admin or co-admin account for full enterprise access.
Ready to connect?
Sign in to On Belay and open the Integrations page to add Box.
Permissions (scopes)
These are the data scopes On Belay can be granted for Box. Your org admin controls which scopes are enabled per group.
| Scope | Description | Access |
|---|---|---|
root_readwrite | Read and write files and folders | Read / Write |
manage_managed_users | Read enterprise user directory | Read only |
Troubleshooting
"redirect_uri_mismatch" error during OAuth
https://app.onbelay.ai/api/oauth-callback/box to the allowed redirect URIs in your OAuth app settings."invalid_scope" error
Connected but Claude can't access data
Still stuck? We're happy to help.
Contact support →