Before you begin, make sure that you have completed the following prerequisites.
In Box, make sure you have:
-
A Box Enterprise or Box Enterprise Plus account.
-
Created a Box custom app in the Box Developer Console and configured it to use Server Authentication (with JWT).
-
Set your App Access Level to App + Enterprise Access and allowed it to Make API calls using the as-user header.
-
Used the admin user to add the following Application Scopes in your Box app:
-
Write all files and folders stored in a Box
-
Manage users
-
Manage groups
-
Manage enterprise properties
-
-
Generated and downloaded Public/Private key pair including a client ID, a client secret, a public key ID, private key ID, a pass phrase, and an enterprise ID to use as authentication credentials. See Public and private keypair
for more details. -
Copied your Box enterprise ID either from your Box Developer Console settings or from your Box app. For example,
801234567.
In your AWS account, make sure you have:
-
Created a Amazon Q Business application.
-
Created an IAM role for your data source and, if using the Amazon Q API, noted the ARN of the IAM role.
-
Stored your Box authentication credentials in an AWS Secrets Manager secret and, if using the Amazon Q API, noted the ARN of the secret.
Note
If you’re a console user, you can create the IAM role and Secrets Manager secret as part of configuring your Amazon Q application on the console.
For a list of things to consider while configuring your data source, see Data source connector configuration best practices.
Note
For more information on connecting Box to Amazon Q Business,
see Discover insights from Box with the Amazon Q Box connector
