The CData Sync App provides a straightforward way to continuously pipeline your Box data to any database, data lake, or data warehouse, making it easily available for Analytics, Reporting, AI, and Machine Learning.
The Box connector can be used from the CData Sync application to pull data from Box and move it to any of the supported destinations.
The Sync App models the Box Content API as a relational database, which can be queried with standard SQL.
For required properties, see the Settings tab.
For connection properties that are not typically required, see the Advanced tab.
The Sync App enables access to metadata for Box tables and folders. Note that the Sync App cannot update the contents of files stored on Box or model file content as tables and columns.
Box provides embedded OAuth credentials that simplify connection from a Desktop application . To connect from a Web application, you must create a custom OAuth application, as described in Creating a Custom OAuth Application.
The following subsections describe how to authenticate to Box from the available OAuth flows. For information about how to create a custom OAuth application, and why you might want to create one even for auth flows that already have embedded OAuth credentials, see Creating a Custom OAuth Application.
For a complete list of connection string properties available in Box, see Connection.
To use a service account, you must create and authorize a custom OAuth application, as described in Creating a Custom OAuth Application. You can then connect to whatever Box data the service account is permitted to access.
After setting the following connection properties, you are ready to connect:
When you connect the Sync App completes the OAuth flow for a service account.
In cases where it may not be feasible to use a file in your system. you can copy the contents of the JSON file directly into the connection string. Set these properties:
This section details a selection of advanced features of the Box Sync App.
The Sync App allows you to define virtual tables, called user defined views, whose contents are decided by a pre-configured query. These views are useful when you cannot directly control queries being issued to the drivers. See User Defined Views for an overview of creating and configuring custom views.
Use SSL Configuration to adjust how Sync App handles TLS/SSL certificate negotiations. You can choose from various certificate formats; see the SSLServerCert property under "Connection String Options" for more information.
Configure the Sync App for compliance with Firewall and Proxy, including Windows proxies and HTTP proxies. You can also set up tunnel connections.
The Sync App offloads as much of the SELECT statement processing as possible to Box and then processes the rest of the query in memory (client-side).
See Query Processing for more information.
See Logging for an overview of configuration settings that can be used to refine CData logging. For basic logging, you only need to set two connection properties, but there are numerous features that support more refined logging, where you can select subsets of information to be logged using the LogModules connection property.
By default, the Sync App attempts to negotiate SSL/TLS by checking the server's certificate against the system's trusted certificate store.
To specify another certificate, see the SSLServerCert property for the available formats to do so.
To connect through the Windows system proxy, you do not need to set any additional connection properties. To connect to other proxies, set ProxyAutoDetect to false.
In addition, to authenticate to an HTTP proxy, set ProxyAuthScheme, ProxyUser, and ProxyPassword, in addition to ProxyServer and ProxyPort.
Set the following properties:
The Sync App enables access to metadata for Box tables and folders, as well as related entities such as Users, Tasks, and Groups.
Views are read-only tables that model Box entities such as FileVersions and UserEvents.
Stored Procedures are function-like interfaces to Box. They can be used to perform tasks such as downloading, uploading, and copying files.
You can use ExposeCollectionViews to expose your Box collections as separate views and query the metadata information of their files and folders. The name of the generated views are prefixed with "Collection_". Additionally, AsUserId can be used to expose the collections of only a certain user and IncludeCustomFields can be used to expose custom metadata fields as columns on these views.
The Sync App models the data in Box as a list of tables in a relational database that can be queried using standard SQL statements.
| Name | Description |
| Bookmarks | Query, insert, update and delete the available bookmarks in Box. |
| Collaborations | Create, update, delete, and query the available Collaborations in Box. |
| Comments | Create, update, delete, and query the available Comments in Box. |
| Folders | Create, update, delete, and query the available Folders in Box. |
| Groups | Create, update, delete, and query the available Groups in Box. |
| Memberships | Create, update, delete, and query the available Memberships in Box. |
| MetadataTemplates | Create, update, delete and query the Metadata Templates in Box |
| TaskAssignments | Create, update, delete, and query the available Task Assignments in Box. |
| Tasks | Create, update, delete, and query the available Tasks in Box. |
| TrashedItems | Delete and query the available TrashedItems in Box. |
| Users | Create, update, delete, and query the available Users in Box. |
Query, insert, update and delete the available bookmarks in Box.
If you search for bookmarks without specifying any condition in the WHERE Clause, by default only the bookmarks that are at most 5 levels deep from the root folder will be returned. You can change the default depth value in the connection string; e.g. DirectoryRetrievalDepth=10.
SELECT * FROM Bookmarks
Retrieve a bookmark by specifying the Id:
SELECT * FROM Bookmarks WHERE Id = '8397822180'
To search all the bookmarks in your enterprise, query the bookmarks table with the column SearchTerms.
SELECT * FROM Bookmarks WHERE SearchTerms LIKE '%CData%' AND OwnerUserIds = '311997108,1'
To search all the bookmarks within a specific folder, query the bookmarks table with the ParentId column.
SELECT * FROM Bookmarks WHERE ParentId = 62297447480
If you're authenticated as an administrator with user impersonation permissions, you can query bookmarks from multiple user accounts:
SELECT * FROM Bookmarks WHERE AsUserId IN (SELECT Id FROM Users)
Note: User impersonation has the following limitations:
To insert a bookmark you must specify at least the URL and ParentId column.
INSERT INTO Bookmarks (Url, Name, Description, ParentId) VALUES ('https://www.cdata.com/', 'CData', 'Visit CData!', 0)
Any column where ReadOnly=False can be updated.
UPDATE Bookmarks SET Name = 'CData Updated Bookmark', ParentId = 62297447480 WHERE Id = 8397822180
Bookmarks can be deleted by providing an Id and issuing a DELETE statement. This bookmark is then moved to TrashedItems.
DELETE FROM Bookmarks WHERE Id = 8397822180
| Name | Type | ReadOnly | Description |
| Id [KEY] | String | True |
The Id of the bookmark. |
| Url | String | False |
The URL of the bookmark. |
| Name | String | False |
The name of the bookmark. |
| Description | String | False |
The description of the bookmark. |
| ParentId | String | False |
The Id of the folder that contains the bookmark. |
| CreatedAt | Datetime | True |
The date the content of the bookmark was created at. |
| CreatedById | String | True |
The Id of the user that created the bookmark. |
| CreatedByName | String | True |
The Name of the user that created the bookmark. |
| CreatedByLogin | String | True |
The Login of the user that created the bookmark. |
| ModifiedAt | Datetime | True |
The date the content of the bookmark was modified at. |
| ModifiedById | String | True |
The Id of the user that last modified the bookmark. |
| ModifiedByName | String | True |
The Name of the user that last modified the bookmark. |
| ModifiedByLogin | String | True |
The Login of the user that last modified the bookmark. |
| OwnedById | String | True |
The Id of the user that owns the bookmark. |
| OwnedByName | String | True |
The Name of the user that owns the bookmark. |
| OwnedByLogin | String | True |
The Login of the user that owns the bookmark. |
| Etag | String | True |
The Etag of the bookmark |
| SequenceId | String | True |
The sequence Id of the bookmark. |
| SharedLink | String | True |
The shared url of the bookmark. |
| ItemStatus | String | True |
The status of the bookmark. |
| Path | String | True |
The full path of the bookmark. |
| AsUserId | String | False |
The Id of the user you want to impersonate. Only works with Admin, Co-Admin and Service Accounts. |
Pseudo column fields are used in the WHERE clause of SELECT statements and offer a more granular control over the tuples that are returned from the data source.
| Name | Type | Description |
| SearchTerms | String |
Query to search the bookmarks database. |
| Scope | String |
The scope of the search. The allowed values are user_content, enterprise_content. |
| OwnerUserIDs | String |
The Ids of the owners to limit the search to, separated by a comma. |
| AncestorFolderIDs | String |
The Ids of the folders to limit the search to, separated by a comma. |
Create, update, delete, and query the available Collaborations in Box.
Collaborations are connections between Folders and Groups; i.e., one Group could be collaborating on a specific Collaboration.
To query the Collaborations table, specify an Id, FolderId, or a GroupId.
SELECT * FROM Collaborations WHERE Id = '123'
If you're authenticated as an administrator with user impersonation permissions, you can query collaborations from multiple user accounts:
SELECT * FROM Collaborations WHERE AsUserId IN (SELECT Id FROM Users)
Note: User impersonation has the following limitations:
To insert into Collaborations you need to connect a Folder with a Group or a User and assign a Role to them.
INSERT INTO Collaborations (Role, ItemId, ItemType, AccessibleById, AccessibleByType) VALUES ('admin', '1', 'folder', '2', 'user')
Only the Role and the Status of the Collaboration can be updated.
UPDATE Collaborations SET Role = 'viewer', Status = 'accepted' WHERE Id = '100'
Collaborations can be deleted by providing an Id and issuing a DELETE statement.
DELETE FROM Collaborations WHERE Id = '100'
| Name | Type | ReadOnly | Description |
| Id [KEY] | String | True |
The Id of the collaboration. |
| CreatedAt | Datetime | True |
The date the collaboration was created at. |
| ModifiedAt | Datetime | True |
The date the collaboration was modified at. |
| AcknowledgedAt | Datetime | True |
The date the collaboration was acknowledged. |
| CreatedById | String | True |
The Id of the user that created the collaboration. |
| Status | String | False |
The status of the collaboration. |
| Role | String | False |
The role of the user or group of the collaborator. Allowed values are editor, viewer, previewer, uploader, previewer uploader, viewer uploader, co-owner, or owner |
| ItemId | String | False |
The Id of the item the collaboration is related to. |
| ItemType | String | False |
The type of the item the collaboration is related to. |
| AccessibleById | String | False |
The Id of the group/user that can access this collaboration. |
| AccessibleByType | String | False |
The type of the entity of Accessible_By_Id. The allowed values are group, user. |
| AccessibleByLogin | String | False |
The login of the the Accessible_By_Id. |
| AsUserId | String | False |
The Id of the user you want to impersonate. Only works with Admin, Co-Admin and Service Accounts. |
Pseudo column fields are used in the WHERE clause of SELECT statements and offer a more granular control over the tuples that are returned from the data source.
| Name | Type | Description |
| FolderId | String |
The Id of the folder the collaboration is related to. |
| GroupId | String |
The Id of the group the collaboration is related to. |
Create, update, delete, and query the available Comments in Box.
Comments are additional information passed on to a File. These Comments can also have child Comments.
To query the Comments table specify an Id or a FileId.
SELECT * FROM Comments WHERE Id = '123'
If you're authenticated as an administrator with user impersonation permissions, you can query comments from multiple user accounts:
SELECT * FROM Comments WHERE AsUserId IN (SELECT Id FROM Users)
Note: User impersonation has the following limitations:
To insert into Comments you need to specify the item to insert the Comment into and the Message. You need to either specify a Message or a TaggedMessage but not both.
INSERT INTO Comments (ItemId, ItemType, Message) VALUES ('1', 'file', 'example comment')
Only the message of the Comment can be updated.
UPDATE Comments SET Message = 'editor' WHERE Id = '100'
Comments can be deleted by providing an Id and issuing a DELETE statement.
DELETE FROM Comments WHERE Id = '100'
| Name | Type | ReadOnly | Description |
| Id [KEY] | String | True |
The Id of the comment. |
| Message | String | False |
The plain message of the comment. Use only this or tagged_message not both. |
| TaggedMessage | String | False |
The tagged message of the comment. Setting this as @[USER_ID:USERNAME] tags the user and notifies him. A tagged message that does not contain a proper tag will give an error. |
| ItemId | String | False |
The Id of the item the comment is targeted to. |
| ItemType | String | False |
The type of the item the comment is targeted to. This can be a file or another comment. The allowed values are file, comment. |
| CreatedById | String | True |
The id of the user that created the item. |
| CreatedByName | String | True |
The name of the user that created the item. |
| CreatedByLogin | String | True |
The login user that created the item. |
| CreatedAt | Datetime | True |
The date the item was created. |
| AsUserId | String | False |
The Id of the user you want to impersonate. Only works with Admin, Co-Admin and Service Accounts. |
Pseudo column fields are used in the WHERE clause of SELECT statements and offer a more granular control over the tuples that are returned from the data source.
| Name | Type | Description |
| FileID | String |
The File ID the comment is connected to, is not used to insert to this table. |
Update, delete, and query the available Files in Box.
If you search for files without specifying any condition in the WHERE Clause, by default only the files that are at most 5 levels deep from the root folder will be returned. You can change the default depth value in the connection string; e.g. DirectoryRetrievalDepth=10.
SELECT * FROM Files
To search all the Files in your enterprise, query the Files table with the column SearchTerms.
SELECT * FROM Files WHERE SearchTerms LIKE '%untitled%'
To search all the Files within a specific folder, query the Files table with a filter on the relevant folder's Id in the ParentId column.
SELECT * FROM Files WHERE ParentId = '12'
Any column where ReadOnly=False can be updated.
UPDATE Files SET Description = 'example description', Sharedlink = 'http://sharedlink.com', OwnedbyId = '321', ParentId = '12', Name = 'updated file name' WHERE Id = '123'
Files can be deleted by providing an Id and issuing a DELETE statement. This file is then moved to TrashedItems
DELETE FROM Files WHERE Id = '100'
| Name | Type | ReadOnly | Description |
| SearchTerms | String | True |
Query to search the files database. |
| Id [KEY] | String | True |
The Id of the file. |
| Name | String | False |
The name of the file. |
| Sha1 | String | False |
The SHA-1 encryption of the file. |
| Etag | String | False |
The Etag of the file |
| SequenceId | String | False |
The sequence Id of the file. |
| Description | String | False |
The description of the file. |
| Size | Integer | True |
The size of the file. |
| CreatedAt | Datetime | True |
The date the file was created at. |
| ModifiedAt | Datetime | True |
The date the file was modified at. |
| TrashedAt | Datetime | True |
The date the file was trashed at. |
| PurgedAt | Datetime | True |
The date the file was purged at. |
| ContentCreatedAt | Datetime | True |
The date the content of the file was created at. |
| ContentModifiedAt | Datetime | True |
The date the content of the file was modified at. |
| CreatedById | String | True |
The Id of the user that created the file. |
| CreatedByName | String | True |
The Name of the user that created the file. |
| CreatedByLogin | String | True |
The Login of the user that created the file. |
| SharedLink | String | False |
The shared url of the file. |
| ModifiedById | String | True |
The Id of the user that last modified the file. |
| ModifiedByName | String | True |
The Name of the user that last modified the file. |
| ModifiedByLogin | String | True |
The Login of the user that last modified the file. |
| OwnedById | String | False |
The Id of the user that owns the file. |
| OwnedByName | String | False |
The Name of the user that owns the file. |
| OwnedByLogin | String | False |
The Login of the user that owns the file. |
| ParentId | String | False |
The Id of the folder that contains the file. |
| ItemStatus | String | False |
The status of the file. |
| Path | String | True |
The full path of the file. |
Pseudo column fields are used in the WHERE clause of SELECT statements and offer a more granular control over the tuples that are returned from the data source.
| Name | Type | Description |
| Scope | String |
The scope of the search. |
| FileExtension | String |
The extension of the file. |
| ContentTypes | String |
The content to search the query at, separated by commas. This can contain a mixture of the following: name, file_content, description, comments, tags. |
| OwnerUserIDs | String |
The Ids of the owners to limit the search to, separated by a comma. |
| AncestorfolderIDs | String |
The Ids of the folders to limit the search to, separated by a comma. |
| AsUserId | String |
The Id of the user you want to impersonate. Only works with Admin, Co-Admin and Service Accounts. |
Create, update, delete, and query the available Folders in Box.
If you search for folders without specifying any condition in the WHERE Clause, by default only the folders that are at most 5 levels deep from the root folder will be returned. You can change the default depth value in the connection string; e.g. DirectoryRetrievalDepth=10.
SELECT * FROM Folders
To search all the Folders in your enterprise, query the Folders table with the column SearchTerms.
SELECT * FROM Folders WHERE SearchTerms LIKE '%untitled%'
To search all the Folders within a specific folder, query the Folders table with the ParentId column..
SELECT * FROM Folders WHERE ParentId = '12'
If you're authenticated as an administrator with user impersonation permissions, you can query folders from multiple user accounts:
SELECT * FROM Folders WHERE AsUserId IN (SELECT Id FROM Users)
Note: User impersonation has the following limitations:
You're required to specify the name of the Folder and also the Id of the parent Folder. Use 0 for the root Folder's ParentId.
INSERT INTO Folders (Name, ParentId, SharedLink, Description, Access, OwnedById) VALUES ('new folder', '0', 'http://sharedlink.com', 'example desc', 'open', '123')
Any column where ReadOnly=False can be updated.
UPDATE Folders SET Description = 'example description', Access = 'open', SharedLink = 'http://sharedlink.com', OwnedById = '321', ParentId = '12', Name = 'no longer new folder' WHERE Id = '123'
Folders can be deleted by providing an Id and issuing a DELETE statement.
DELETE FROM Folders WHERE Id = '123'
| Name | Type | ReadOnly | Description |
| SearchTerms | String | True |
Query to search the folders database. |
| Id [KEY] | String | True |
The Id of the folder. |
| Name | String | False |
The name of the folder. |
| Etag | String | True |
The Etag of the folder |
| SequenceId | String | False |
The sequence Id of the folder. |
| Description | String | False |
The description of the folder. |
| Access | String | False |
The email access of this folder to. The allowed values are open, collaborators. |
| Size | Integer | True |
The size of the file. |
| CreatedAt | Datetime | True |
The date the file was created at. |
| ModifiedAt | Datetime | True |
The date the file was modified at. |
| TrashedAt | Datetime | True |
The date the folder was trashed at. |
| PurgedAt | Datetime | True |
The date the folder was purged at. |
| ContentCreatedAt | Datetime | True |
The date the content of the folder was created at. |
| ContentModifiedAt | Datetime | True |
The date the content of the folder was modified at. |
| CreatedBy | String | True |
The Id of the user that created the folder. |
| CreatedByName | String | True |
The Name of the user that created the folder. |
| CreatedByLogin | String | True |
The Login of the user that created the folder. |
| SharedLink | String | False |
The Id of the user that created the folder. |
| ModifiedBy | String | True |
The Id of the user that last modified the folder. |
| ModifiedByName | String | True |
The Name of the user that last modified the folder. |
| ModifiedByLogin | String | True |
The Login of the user that last modified the folder. |
| OwnedById | String | False |
The Id user that owns the folder. |
| OwnedByName | String | True |
The Name of the user that owns the folder. |
| OwnedByLogin | String | True |
The Login of the user that owns the folder. |
| ParentId | String | False |
The Id of the folder that contains the folder. |
| ItemStatus | String | True |
The status of the folder. |
| Path | String | True |
The full path of the folder. |
| AsUserId | String | False |
The Id of the user you want to impersonate. Only works with Admin, Co-Admin and Service Accounts. |
Pseudo column fields are used in the WHERE clause of SELECT statements and offer a more granular control over the tuples that are returned from the data source.
| Name | Type | Description |
| Scope | String |
The scope of the search. |
| ContentTypes | String |
The content to search the query at, separated by commas. This can contain a mixture of the following: name, file_content, description, comments, tags. |
| OwnerUserIDs | String |
The Ids of the owners to limit the search to, separated by a comma. |
| AncestorfolderIDs | String |
The Ids of the folders to limit the search to, separated by a comma. |
Create, update, delete, and query the available Groups in Box.
You can retrieve all the Groups or filter them by Id.
SELECT * FROM Groups
If you're authenticated as an administrator with user impersonation permissions, you can query groups from multiple user accounts:
SELECT * FROM Groups WHERE AsUserId IN (SELECT Id FROM Users)
Note: User impersonation has the following limitations:
Only the Name column is required to create a Group.
INSERT INTO Groups (Name, Provenance, MemberViewabilityLevel) VALUES ('new group', 'google', 'admins_only')
Any column where ReadOnly=False can be updated.
UPDATE Groups SET InvitabilityLevel = 'admins_and_members' WHERE Id = '111'
Groups can be deleted by providing an Id and issuing a DELETE statement.
DELETE FROM Groups WHERE Id = '111'
| Name | Type | ReadOnly | Description |
| ID [KEY] | String | True |
The Id of the group. |
| Name | String | False |
The name of the group. |
| Provenance | String | False |
Typically used to track the external source where the group is coming from. |
| ExternalSyncIdentifier | String | False |
Typically used as a group identifier for groups coming from an external source. |
| Description | String | False |
The description of the group. |
| InvitabilityLevel | String | False |
Specifies who can invite this group to folders. |
| MemberViewabilityLevel | String | False |
Specifies who can view the members of this group. |
| CreatedAt | Datetime | True |
The date the group was created at, you need to specify an Id to recieve this column. |
| ModifiedAt | Datetime | True |
The date the group was modified at, you need to specify an Id to recieve this column. |
| AsUserId | String | False |
The Id of the user you want to impersonate. Only works with Admin, Co-Admin and Service Accounts. |
Create, update, delete, and query the available Memberships in Box.
Memberships are the relations between a User and a Group.
To select from the Memberships table you need to specify an Id, a GroupId or a UserId.
SELECT * FROM Memberships WHERE Id = '123'
If you're authenticated as an administrator with user impersonation permissions, you can query memberships from multiple user accounts:
SELECT * FROM Memberships WHERE AsUserId IN (SELECT Id FROM Users)
Note: User impersonation has the following limitations:
To insert into Memberships you need to connect a Group (GroupId) with a User (UserId).
INSERT INTO Memberships (GroupId, UserId) VALUES (1001, 123)
Only the role of the Member can be updated. The default role is 'member' with option for 'admin'
UPDATE Memberships SET Role = 'admin' WHERE Id = '100'
Memberships can be deleted by providing an Id and issuing a DELETE statement.
DELETE FROM Memberships WHERE Id = '100'
| Name | Type | ReadOnly | Description |
| Id [KEY] | String | True |
The Id of the membership. |
| Role | String | False |
The role of the user that is in this membership. |
| CreatedAt | Datetime | True |
The date the membership was created at, you need to specify an Id to recieve this column. |
| ModifiedAt | Datetime | True |
The date the membership was modified at, you need to specify an Id to recieve this column. |
| UserName | String | True |
The name of the user of the membership. |
| UserLogin | String | True |
The login of the user of the membership. |
| UserId | String | False |
The id of the user of the membership. |
| GroupName | String | False |
The group name of the membership. |
| GroupId | String | False |
The group of the membership. |
| AsUserId | String | False |
The Id of the user you want to impersonate. Only works with Admin, Co-Admin and Service Accounts. |
Create, update, delete and query the Metadata Templates in Box
You can retrieve information about the Metadata Template.
SELECT * FROM MetadataTemplates
You can also retrieve the information of any Template in your enterprise:
SELECT * FROM MetadataTemplates WHERE Id = 'e93746cc-03f6-4dee-ab45-01834989950c'
You can insert Metadata Template for your enterprise.
Insert a single field to the Template.
INSERT INTO MetadataTemplates (DisplayName, Scope, FieldsDisplayName, FieldsType) VALUES ('TestTemplate', 'enterprise', 'TestField', 'String')
Insert multiple fields to the Template.
INSERT INTO MetadataFields#TEMP (FieldDisplayName, FieldType, FieldOptions) VALUES ('Industry', 'enum', 'Technology, HealthCare')
INSERT INTO MetadataFields#TEMP (FieldDisplayName, FieldType) VALUES ('Contact Role', 'string')
INSERT INTO MetadataTemplates (DisplayName, Scope, FieldsAggregate) VALUES ('TestTemplate', 'enterprise', 'MetadataFields#TEMP')
Add field to the existing Template.
UPDATE MetadataTemplates SET Op = 'addField', FieldsKey = 'category', FieldsDisplayName = 'Category', FieldsisHidden = false, FieldsType = 'string' WHERE Scope = 'enterprise' AND TemplateKey = 'TestTemplate'
Update Fields in the Template.
UPDATE MetadataTemplates SET Op = 'editField', FieldsKey = 'Category', FieldsDescription = 'The Product Category' WHERE Scope = 'enterprise' AND TemplateKey = 'TestTemplate'
ReOrder Fields in the Template.
UPDATE MetadataTemplates SET Op = 'reorderFields', FieldsKey = 'Category,Industry,Contact' WHERE Scope = 'enterprise' AND TemplateKey = 'TestTemplate'
Remove Fields from the Template.
UPDATE MetadataTemplates SET Op = 'removeField', FieldsKey = 'Industry' WHERE Scope = 'enterprise' AND TemplateKey = 'TestTemplate'
Add Enum Options to the EnumField.
UPDATE MetadataTemplates SET Op = 'addEnumOption', FieldsKey = 'Industry', EnumOptionKey = 'AL' WHERE Scope = 'enterprise' AND TemplateKey = 'TestTemplate'
ReOrder Enum Options in the EnumField.
UPDATE MetadataTemplates SET Op = 'reorderEnumOptions', FieldsKey = 'industry', EnumOptionKey = 'AL,AK,AR,N/A' WHERE Scope = 'enterprise' AND TemplateKey = 'TestTemplate'
Update Enum Options in the EnumField. Specify Present value, New value in the EnumOption column separated with comma.
UPDATE MetadataTemplates SET Op = 'editEnumOption', FieldsKey = 'industry', EnumOptionKey = 'N/A,Outside USA' WHERE Scope = 'enterprise' AND TemplateKey = 'TestTemplate'
Remove Enum Options from the EnumField
UPDATE MetadataTemplates SET Op = 'removeEnumOption', FieldsKey = 'industry', EnumOptionKey = 'Outside USA' WHERE Scope = 'enterprise' AND TemplateKey = 'TestTemplate'
MetadataTemplates can be deleted by providing Scope and TemplateKey and issuing a DELETE statement.
DELETE FROM MetadataTemplates WHERE Scope = 'enterprise' AND TemplateKey = 'TestTemplate'
| Name | Type | ReadOnly | Description |
| Id [KEY] | String | True |
The ID of the metadata template. |
| TemplateKey | String | False |
A unique identifier for the template. This identifier is unique across the scope of the enterprise to which the metadata template is being applied, yet is not necessarily unique across different enterprises |
| CopyInstanceOnItemCopy | Boolean | False |
Whether or not to copy the metadata for a file or folder when an it is copied. |
| DisplayName | String | False |
The display name of the template |
| FieldsId [KEY] | String | True |
The Unique Id of the Metadata Template field |
| FieldsKey | String | False |
A unique identifier for the field. The identifier must be unique within the template to which it belongs. |
| FieldsDisplayName | String | False |
The display name of the field as it is shown to the user in the web and mobile apps. |
| FieldsType | String | False |
The type of field |
| FieldsDescription | String | False |
A description of the field |
| FieldsisHidden | Boolean | False |
Whether this field is hidden in the UI for the user and can only be set through the API instead. |
| FieldsOptions | String | False |
A list of options for this field. This is used in combination with the enum and multiSelect field types. |
| TemplateisHidden | Boolean | False |
Defines if this template is visible in the Box web app UI, or if it is purely intended for usage through the API |
| Scope | String | False |
The scope of the metadata template. |
| Type | String | True |
Type of the template. Value is always metadata_template |
Pseudo column fields are used in the WHERE clause of SELECT statements and offer a more granular control over the tuples that are returned from the data source.
| Name | Type | Description |
| Op | String |
The type of change to perform on the template. Some of these are hazardous as they will change existing templates. The allowed values are editTemplate, addField, reorderFields, addEnumOption, reorderEnumOptions, reorderMultiSelectOptions, addMultiSelectOption, editField, removeField, editEnumOption, removeEnumOption, editMultiSelectOption, removeMultiSelectOption. |
| EnumOptionKey | String |
Update Only: For operations that affect multiple enum options this defines the keys of the options that are affected. |
| MultiSelectOptionKey | String |
Update Only: For operations that affect multiple multi select options this defines the keys of the options that are affected. |
| FieldsAggregate | String |
To insert more than one fields in the Template. The accepted columns are FieldsDisplayName, FieldsType, FieldsDescription, FieldsKey, FieldsisHidden, FieldsOptions |
Create, update, delete, and query the available Task Assignments in Box.
Task Assignments are Tasks assigned to a specific User.
To select from the TaskAssignments table you need to specify an Id or a TaskId.
SELECT * FROM TaskAssignments WHERE Id = '123'
If you're authenticated as an administrator with user impersonation permissions, you can query task assignments from multiple user accounts:
SELECT * FROM TaskAssignments WHERE AsUserId IN (SELECT Id FROM Users)
Note: User impersonation has the following limitations:
To insert into Task Assignments you need to connect a Task (TaskId) with a User (AssignedToId).
INSERT INTO TaskAssignments (TaskId, AssignedToId) VALUES (1001, 123)
Only the Message of the Task Assignment or its ResolutionState can be updated.
UPDATE TaskAssignments SET Message = 'x', ResolutionState = 'completed' WHERE Id = '111'
Task Assignments can be deleted by providing an Id and issuing a DELETE statement.
DELETE FROM TaskAssignments WHERE Id = '111'
| Name | Type | ReadOnly | Description |
| Id [KEY] | String | True |
The Id of the task assignment. |
| TaskId | String | False |
The Id of the task to assign. |
| AssignedToId | String | False |
The Id of the user to assign the task to. |
| AssignedToName | String | False |
The Name of the user the task is assigned to. |
| AssignedToLogin | String | False |
The Login of the user the task is assigned to. |
| ItemType | String | False |
The the type of the item the task assignment is connected to. |
| ItemId | String | False |
The the id of the item the task assignment is connected to. |
| ItemName | String | False |
The the name of the item the task assignment is connected to. |
| Message | String | False |
The message attached to the task assignment. |
| AssignedById | String | False |
The Id of the user that assigned the task. |
| AssignedByName | String | False |
The Name of the user that assigned the task. |
| AssignedByLogin | String | False |
The Login of the user that assigned the task. |
| AssignedAt | Datetime | True |
The date the task was assigned at. |
| RemindedAt | Datetime | True |
The date of the task reminder. |
| CompletedAt | Datetime | True |
The date the task was completed at. |
| ResolutionState | String | False |
Determines if the task has been attended to or not. The allowed values are completed, incomplete, approved, rejected. |
| AsUserId | String | False |
The Id of the user you want to impersonate. Only works with Admin, Co-Admin and Service Accounts. |
Create, update, delete, and query the available Tasks in Box.
Tasks are jobs that are waiting to be assigned to someone. These tasks are related to an item, which generally is a File.
To select from the Tasks table you need to specify an Id or an ItemId.
SELECT * FROM Tasks WHERE Id = '123'
If you're authenticated as an administrator with user impersonation permissions, you can query tasks from multiple user accounts:
SELECT * FROM Tasks WHERE AsUserId IN (SELECT Id FROM Users)
Note: User impersonation has the following limitations:
ItemId is required to insert into Tasks table.Currently Box API supports only file as type of the item the task is for.
INSERT INTO Tasks (ItemId, ItemType, Action, Message) VALUES (1001, 'file', 'review', 'message')
The Message is required to perform an UPDATE to a specific task. Also, the Action and DueAt columns can be updated as well. The Action column is only able to take a 'review' value.
UPDATE Tasks SET Message = 'updated message', Action = 'review', DueAt = '2016-05-14' WHERE ID = '100'
You can only delete a Task by providing an Id.
DELETE FROM Tasks WHERE Id = '100'
| Name | Type | ReadOnly | Description |
| Id [KEY] | String | True |
The Id of the task. |
| DueAt | Datetime | False |
The date due of this task. |
| ItemId | String | False |
The Id of the item the task is targeted to. |
| ItemType | String | False |
The type of the item the task is targeted to. |
| Action | String | False |
The action the task assignee will be prompted to do. |
| Message | String | False |
An optional message to include with the task. |
| CreatedAt | Datetime | True |
The date that the task was created at. |
| CreatedById | String | True |
The id of user that created the task. |
| CreatedByName | String | True |
The name of the user that created the task. |
| CreatedByLogin | String | True |
The login of the user that created the task. |
| IsCompleted | Boolean | False |
If the task has been completed or not. |
| AsUserId | String | False |
The Id of the user you want to impersonate. Only works with Admin, Co-Admin and Service Accounts. |
Delete and query the available TrashedItems in Box.
TrashedItems are Files and Folders that have been deleted. This table supports only two operations: Select and Delete. Deleting from this table permanently deletes the File and is not recoverable.
To search in the TrashedItems table for a specific item, specify the type of the item (File,Folder or WEB_LINK).
SELECT * FROM TrashedItems WHERE SearchTerms LIKE '%Untitled%' AND Type = 'file'
Or, if you want to query a single deleted Folder you could execute a query like the following:
SELECT * FROM TrashedItems WHERE Id = '123' AND Type = 'folder'
Or, if you want to query a single deleted Bookmark you could execute a query like the following:
SELECT * FROM TrashedItems WHERE Id = '123' AND Type = 'web_link'
TrashedItems can be deleted by specifying the Id and the Type of the item and issuing a DELETE statement.
DELETE FROM TrashedItems WHERE Id = 'abc123' AND Type = 'file'
| Name | Type | ReadOnly | Description |
| SearchTerms | String | False |
Query to search the trashed items database. |
| Id [KEY] | String | False |
The Id of the trashed item. |
| Name | String | False |
The name of the trashed item. |
| Type | String | False |
The type of the item can be trashed item,folder or web_link. |
| Sha1 | String | False |
The SHA-1 encryption of the trashed item. |
| Etag | String | False |
The Etag of the trashed item. |
| SequenceId | String | False |
The sequence Id of the trashed item. |
| Description | String | False |
The description of the trashed item. |
| Size | Integer | False |
The size of the trashed item. |
| CreatedAt | Datetime | False |
The date the trashed item was created at. |
| ModifiedAt | Datetime | False |
The date the trashed item was modified at. |
| TrashedAt | Datetime | False |
The date the trashed item was trashed at. |
| PurgedAt | Datetime | False |
The date the trashed item was purged at. |
| ContentCreatedAt | Datetime | False |
The date the content of the trashed item was created at. |
| ContentModifiedAt | Datetime | False |
The date the content of the trashed item was modified at. |
| CreatedById | String | False |
The Id of the user that created the trashed item. |
| CreatedByName | String | False |
The Name of the user that created the trashed item.. |
| CreatedByLogin | String | False |
The Login of the user that created the trashed item.. |
| SharedLink | String | False |
The shared link of the user that created the trashed item. |
| ModifiedBy | String | False |
The Id of the user that last modified the trashed item. |
| ModifiedByName | String | False |
The Name of the user that last modified the trashed item.. |
| ModifiedByLogin | String | False |
The Login of the user that last modified the trashed item.. |
| OwnedById | String | False |
The Id of the user that owns the trashed item. |
| OwnedByName | String | False |
The Name of the user that owns the trashed item.. |
| OwnedByLogin | String | False |
The Login of the user that owns the trashed item.. |
| ParentId | String | False |
The Id of the folder that contains the trashed item. |
| ItemStatus | String | False |
The status of the trashed item. |
Pseudo column fields are used in the WHERE clause of SELECT statements and offer a more granular control over the tuples that are returned from the data source.
| Name | Type | Description |
| Scope | String |
The scope of the search. |
| FileExtension | String |
The extension of the trashed item. |
| SearchContent | String |
The content to search the query at, separated by commas. |
| AsUserId | String |
The Id of the user you want to impersonate. Only works with Admin, Co-Admin and Service Accounts. |
Create, update, delete, and query the available Users in Box.
You can retrieve information about the current User, a User in your enterprise specified by Id, or all the Users in the enterprise.
SELECT * FROM Users
You can also retrieve the information of any User who is in your enterprise:
SELECT * FROM Users WHERE Id = '1'
If you're authenticated as an administrator with user impersonation permissions, you can query users from multiple user accounts:
SELECT * FROM Users WHERE AsUserId IN (SELECT Id FROM Users)
Note: User impersonation has the following limitations:
You can invite a User to your enterprise. The following query will send an invitation email to join your enterprise.
INSERT INTO Users (Login, Name, Role) VALUES ('[email protected]', 'Username', 'coadmin')
Any column where ReadOnly=False can be updated.
UPDATE Users SET Name = 'Test', Role = 'user', IsExemptFromDeviceLimits = false WHERE Id = '111'
Users can be deleted by providing an Id and issuing a DELETE statement.
DELETE FROM Users WHERE Id = '111'
| Name | Type | ReadOnly | Description |
| Id [KEY] | String | True |
The Id of the user. When selecting you can set this to the value me to retrieve information for the logged-user. |
| Login | String | False |
The login of the user. |
| Name | String | False |
The name of the user. |
| EnterpriseId | String | False |
The id of the user's enterprise. Set this to null to disassociate the user from the enterprise. |
| Role | String | False |
The role of the user. |
| Language | String | False |
The preferred language of the user. |
| IsSyncEnabled | Boolean | False |
If the user is allowed to use Box Sync or not. |
| JobTitle | String | False |
The job title of the user. |
| Phone | String | False |
The phone of the user. |
| Address | String | False |
The address of the user. |
| SpaceAmount | Long | False |
The amount of space the user is allowed to use. |
| SpaceUsed | Long | False |
The amount of space the user has used. |
| MaxUploadSize | Long | False |
The maximum upload size the user is allowed to upload. |
| TrackingCodes | String | False |
The tracking codes of the user, separated by commas. |
| CanSeeManagedUsers | Boolean | False |
The date the content of the user was created at. |
| TimeZone | String | False |
The preferred timezone of the user. |
| IsExemptFromDeviceLimits | Boolean | False |
If the user is exempt from device limitations or not. |
| IsExemptFromLoginVerification | Boolean | False |
If the user is exempt from login verification or not. |
| Status | String | False |
The status of the user. |
| IsPasswordResetRequired | Boolean | False |
If the user should be asked to change his password on the next login or not. |
| CreatedAt | Datetime | True |
The date the user was created. |
| ModifiedAt | Datetime | True |
The date the user was modified. |
| AsUserId | String | False |
The Id of the user you want to impersonate. Only works with Admin, Co-Admin and Service Accounts. |
Views are similar to tables in the way that data is represented; however, views are read-only.
Queries can be executed against a view as if it were a normal table.
| Name | Description |
| Collections | List Collections in Box. |
| FileMetadataInstances | Retrieves all metadata instances fields applied to a given file. |
| FileVersions | Query the available file versions in the box. |
| RecentItems | List RecentItems in Box. |
| SharedItems | Query the available shared items in Box. |
| SignRequests | List all Sign Requests. |
| UserEvents | Query the available Events in Box. |
List Collections in Box.
| Name | Type | Description |
| Id | String | The unique identifier for this collection. |
| Name | String | The name of the collection. |
| Type | String | The type of the collection. |
| CollectionType | String | The type of the collection. This is used to determine the proper visual treatment for collections. |
Retrieves all metadata instances fields applied to a given file.
| Name | Type | Description |
| Id | String | A UUID to identify the metadata instance. |
| FileId [KEY] | String | The ID of the file. |
| Template | String | The name of the template. |
| Parent | String | The identifier of the item that this metadata instance has been attached to. This combines the type and the id of the parent in the form {type}_{id}. |
| Scope | String | An ID for the scope in which this template has been applied. This will be enterprise_{enterprise_id} for templates defined for use in this enterprise, and global for general templates that are available to all enterprises using Box. |
| Version | String | The version of the metadata instance. This version starts at 0 and increases every time a user-defined property is modified. |
| CanEdit | String | Whether the user can edit this metadata instance. |
| Type | String | A unique identifier for the type. |
| TypeVersion | String | The last-known version of the template of the object. |
| UserDefinedFieldName | String | The user-defined field name. |
| UserDefinedFieldValue | String | The value of the user defined field. |
Query the available file versions in the box.
File Versions contains information about older versions of a file. This table supports only SELECT operation.
FileId is required to search all the FileVersions in your files.
SELECT * FROM FileVersions WHERE FileId = '585442984153'
If you're authenticated as an administrator with user impersonation permissions, you can query file versions from multiple user accounts:
SELECT * FROM FileVersions WHERE AsUserId IN (SELECT Id FROM Users)
Note: User impersonation has the following limitations:
| Name | Type | Description |
| Id [KEY] | String | The ID of the file version. |
| FileId | String | The ID of the file. |
| CreatedAt | Datetime | The date the content of the file was created at. |
| ModifiedAt | Datetime | The date the content of the file was modified at. |
| ModifiedById | String | The Id of the user that last modified the file. |
| ModifiedByName | String | The Name of the user that last modified the file. |
| ModifiedByLogin | String | The Login of the user that last modified the file. |
| ModifiedByType | String | The Type of the user that last modified the file. |
| Name | String | The name of the file. |
| PurgedAt | Datetime | The date the content of the file was purged at. |
| RestoredAt | Datetime | The date the content of the file was modified at. |
| RestoredById | String | The Id of the user that last modified the file. |
| RestoredByLogin | String | The Name of the user that last modified the file. |
| RestoredByName | String | The Login of the user that last modified the file. |
| RestoredByType | String | The Type of the user that last modified the file. |
| Sha1 | String | The SHA-1 encryption of the file version. |
| Size | Int64 | The size of the file version. |
| TrashedAt | Datetime | The date the file version was trashed at. |
| TrashedById | String | The Id of the user that trashed the file. |
| TrashedByLogin | String | The Name of the user that trashed the file. |
| TrashedByName | String | The Login of the user that trashed the file. |
| TrashedByType | String | The Type of the user that trashed the file. |
| Type | String | Type of file versions. |
| AsUserId | String | The Id of the user you want to impersonate. Only works with Admin, Co-Admin and Service Accounts. |
List RecentItems in Box.
| Name | Type | Description |
| Type | String | The type of the recent item. |
| InteractedAt | Datetime | The time of the most recent interaction. |
| InteractionSharedLink | String | If the item was accessed through a shared link it will appear here, otherwise this will be null. |
| InteractionType | String | The most recent type of access the user performed on the item. |
| ItemId | String | The unique identifier for the recent item. |
List all Sign Requests.
| Name | Type | Description |
| SignRequestAggregate | String | A JSON Aggregate representing the SignRequest item. |
| AsUserId | String | The Id of the user you want to impersonate. Only works with Admin, Co-Admin and Service Accounts. |
Query the available Events in Box.
User events are logs that are saved after a change in a user's account.
Query all the current user's events:
SELECT * FROM UserEvents
If you're authenticated as an administrator with user impersonation permissions, you can query user events from multiple user accounts:
SELECT * FROM UserEvents WHERE AsUserId IN (SELECT Id FROM Users)
Note: User impersonation has the following limitations:
| Name | Type | Description |
| Id [KEY] | String | The Id of the event. |
| SourceId | String | The Id of the source that triggered the event. |
| SourceType | String | The type of the source that triggered the event. |
| CreatedById | String | The Id of the user that created the event. |
| CreatedByName | String | The Name of the user that created the event. |
| CreatedByLogin | String | The Login of the user that created the event. |
| CreatedAt | Datetime | The date the event was created at. This can only be used when requesting the events with a StreamType of admin_logs |
| RecordedAt | Datetime | The date the event was recorded at. |
| SessionId | String | The Id of the session of the event. |
| EventType | String | The type of the event. |
| ClassificationName | String | The classification name of the event. |
| AdditionalDetails | String | This object provides additional information about the event if available. This can include how a user performed an event as well as additional information to correlate an event to external KeySafe logs. Not all events have an additional_details object. This object is only available in the Enterprise Events. |
| AsUserId | String | The Id of the user you want to impersonate. Only works with Admin, Co-Admin and Service Accounts. |
Pseudo column fields are used in the WHERE clause of SELECT statements and offer a more granular control over the tuples that are returned from the data source.
| Name | Type | Description |
| StreamType | String | The type of events to stream.
The allowed values are all, changes, sync, admin_logs, admin_logs_streaming. |
The connection string properties are the various options that can be used to establish a connection. This section provides a complete list of the options you can configure in the connection string for this provider. Click the links for further details.
For more information on establishing a connection, see Establishing a Connection.
| Property | Description |
| AuthScheme | The type of authentication to use when connecting to Box. |
| ImpersonateUserMode | Specify the type of the user impersonation. It should be whether the User mode or the Admin mode. |
| Property | Description |
| OAuthClientId | The client Id assigned when you register your application with an OAuth authorization server. |
| OAuthClientSecret | The client secret assigned when you register your application with an OAuth authorization server. |
| Property | Description |
| OAuthJWTCert | The JWT Certificate store. |
| OAuthJWTCertType | The type of key store containing the JWT Certificate. |
| OAuthJWTCertPassword | The password for the OAuth JWT certificate. |
| OAuthJWTCertSubject | The subject of the OAuth JWT certificate. |
| OAuthJWTIssuer | The issuer of the Java Web Token. |
| OAuthJWTSubject | The user subject for which the application is requesting delegated access. |
| OAuthJWTSubjectType | The SubType for the JWT authentication. |
| OAuthJWTPublicKeyId | The Id of the public key for JWT. |
| Property | Description |
| SSLServerCert | The certificate to be accepted from the server when connecting using TLS/SSL. |
| Property | Description |
| FirewallType | The protocol used by a proxy-based firewall. |
| FirewallServer | The name or IP address of a proxy-based firewall. |
| FirewallPort | The TCP port for a proxy-based firewall. |
| FirewallUser | The user name to use to authenticate with a proxy-based firewall. |
| FirewallPassword | A password used to authenticate to a proxy-based firewall. |
| Property | Description |
| ProxyAutoDetect | This indicates whether to use the system proxy settings or not. |
| ProxyServer | The hostname or IP address of a proxy to route HTTP traffic through. |
| ProxyPort | The TCP port the ProxyServer proxy is running on. |
| ProxyAuthScheme | The authentication type to use to authenticate to the ProxyServer proxy. |
| ProxyUser | A user name to be used to authenticate to the ProxyServer proxy. |
| ProxyPassword | A password to be used to authenticate to the ProxyServer proxy. |
| ProxySSLType | The SSL type to use when connecting to the ProxyServer proxy. |
| ProxyExceptions | A semicolon separated list of destination hostnames or IPs that are exempt from connecting through the ProxyServer . |
| Property | Description |
| LogModules | Core modules to be included in the log file. |
| Property | Description |
| Location | A path to the directory that contains the schema files defining tables, views, and stored procedures. |
| BrowsableSchemas | This property restricts the schemas reported to a subset of the available schemas. For example, BrowsableSchemas=SchemaA,SchemaB,SchemaC. |
| Tables | This property restricts the tables reported to a subset of the available tables. For example, Tables=TableA,TableB,TableC. |
| Views | Restricts the views reported to a subset of the available tables. For example, Views=ViewA,ViewB,ViewC. |
| Property | Description |
| AsUserId | The Id of the user you want to impersonate. Only works with Admin, Co-Admin and Service Accounts. |
| DirectoryRetrievalDepth | Depth level of folder to query Folders and Files tables. |
| ExposeCollectionViews | Determines whether to expose every collection in your Box account as separate views. |
| IncludeCustomFields | Set to true if metadata templates should be exposed as custom columns of the table Files. |
| MaxRows | Limits the number of rows returned when no aggregation or GROUP BY is used in the query. This takes precedence over LIMIT clauses. |
| Other | These hidden properties are used only in specific use cases. |
| PseudoColumns | This property indicates whether or not to include pseudo columns as columns to the table. |
| Timeout | The value in seconds until the timeout error is thrown, canceling the operation. |
| UserDefinedViews | A filepath pointing to the JSON configuration file containing your custom views. |
This section provides a complete list of the Authentication properties you can configure in the connection string for this provider.
| Property | Description |
| AuthScheme | The type of authentication to use when connecting to Box. |
| ImpersonateUserMode | Specify the type of the user impersonation. It should be whether the User mode or the Admin mode. |
The type of authentication to use when connecting to Box.
Specify the type of the user impersonation. It should be whether the User mode or the Admin mode.
Specify the type of the user impersonation. It should be whether the User mode or the Admin mode. The Admin mode is available only for Enterprise with Governance accounts and will be upon request. It will not work for any other accounts.
This section provides a complete list of the OAuth properties you can configure in the connection string for this provider.
| Property | Description |
| OAuthClientId | The client Id assigned when you register your application with an OAuth authorization server. |
| OAuthClientSecret | The client secret assigned when you register your application with an OAuth authorization server. |
The client Id assigned when you register your application with an OAuth authorization server.
As part of registering an OAuth application, you will receive the OAuthClientId value, sometimes also called a consumer key, and a client secret, the OAuthClientSecret.
The client secret assigned when you register your application with an OAuth authorization server.
As part of registering an OAuth application, you will receive the OAuthClientId, also called a consumer key. You will also receive a client secret, also called a consumer secret. Set the client secret in the OAuthClientSecret property.
This section provides a complete list of the JWT OAuth properties you can configure in the connection string for this provider.
| Property | Description |
| OAuthJWTCert | The JWT Certificate store. |
| OAuthJWTCertType | The type of key store containing the JWT Certificate. |
| OAuthJWTCertPassword | The password for the OAuth JWT certificate. |
| OAuthJWTCertSubject | The subject of the OAuth JWT certificate. |
| OAuthJWTIssuer | The issuer of the Java Web Token. |
| OAuthJWTSubject | The user subject for which the application is requesting delegated access. |
| OAuthJWTSubjectType | The SubType for the JWT authentication. |
| OAuthJWTPublicKeyId | The Id of the public key for JWT. |
The JWT Certificate store.
The name of the certificate store for the client certificate.
The OAuthJWTCertType field specifies the type of the certificate store specified by OAuthJWTCert. If the store is password protected, specify the password in OAuthJWTCertPassword.
OAuthJWTCert is used in conjunction with the OAuthJWTCertSubject field in order to specify client certificates. If OAuthJWTCert has a value, and OAuthJWTCertSubject is set, a search for a certificate is initiated. Please refer to the OAuthJWTCertSubject field for details.
Designations of certificate stores are platform-dependent.
The following are designations of the most common User and Machine certificate stores in Windows:
| MY | A certificate store holding personal certificates with their associated private keys. |
| CA | Certifying authority certificates. |
| ROOT | Root certificates. |
| SPC | Software publisher certificates. |
In Java, the certificate store normally is a file containing certificates and optional private keys.
When the certificate store type is PFXFile, this property must be set to the name of the file. When the type is PFXBlob, the property must be set to the binary contents of a PFX file (i.e. PKCS12 certificate store).
The type of key store containing the JWT Certificate.
This property can take one of the following values:
| USER | For Windows, this specifies that the certificate store is a certificate store owned by the current user. Note: This store type is not available in Java. |
| MACHINE | For Windows, this specifies that the certificate store is a machine store. Note: this store type is not available in Java. |
| PFXFILE | The certificate store is the name of a PFX (PKCS12) file containing certificates. |
| PFXBLOB | The certificate store is a string (base-64-encoded) representing a certificate store in PFX (PKCS12) format. |
| JKSFILE | The certificate store is the name of a Java key store (JKS) file containing certificates. Note: this store type is only available in Java. |
| JKSBLOB | The certificate store is a string (base-64-encoded) representing a certificate store in Java key store (JKS) format. Note: this store type is only available in Java. |
| PEMKEY_FILE | The certificate store is the name of a PEM-encoded file that contains a private key and an optional certificate. |
| PEMKEY_BLOB | The certificate store is a string (base64-encoded) that contains a private key and an optional certificate. |
| PUBLIC_KEY_FILE | The certificate store is the name of a file that contains a PEM- or DER-encoded public key certificate. |
| PUBLIC_KEY_BLOB | The certificate store is a string (base-64-encoded) that contains a PEM- or DER-encoded public key certificate. |
| SSHPUBLIC_KEY_FILE | The certificate store is the name of a file that contains an SSH-style public key. |
| SSHPUBLIC_KEY_BLOB | The certificate store is a string (base-64-encoded) that contains an SSH-style public key. |
| P7BFILE | The certificate store is the name of a PKCS7 file containing certificates. |
| PPKFILE | The certificate store is the name of a file that contains a PPK (PuTTY Private Key). |
| XMLFILE | The certificate store is the name of a file that contains a certificate in XML format. |
| XMLBLOB | The certificate store is a string that contains a certificate in XML format. |
| BOXJSON | The certificate store is the name of a JSON file containing the service account credentials. Only valid when connecting to Box. |
| BOXJSONBLOB | The certificate store is a string that contains the service account JSON. Only valid when connecting to Box. |
The password for the OAuth JWT certificate.
If the certificate store is of a type that requires a password, this property is used to specify that password in order to open the certificate store.
The subject of the OAuth JWT certificate.
When loading a certificate the subject is used to locate the certificate in the store.
If an exact match is not found, the store is searched for subjects containing the value of the property.
If a match is still not found, the property is set to an empty string, and no certificate is selected.
The special value "*" picks the first certificate in the certificate store.
The certificate subject is a comma separated list of distinguished name fields and values. For instance "CN=www.server.com, OU=test, C=US, [email protected]". Common fields and their meanings are displayed below.
| Field | Meaning |
| CN | Common Name. This is commonly a host name like www.server.com. |
| O | Organization |
| OU | Organizational Unit |
| L | Locality |
| S | State |
| C | Country |
| E | Email Address |
If a field value contains a comma it must be quoted.
The issuer of the Java Web Token.
The issuer of the Java Web Token. This is typically either the Client Id or Email Address of the OAuth Application.
The user subject for which the application is requesting delegated access.
The user subject for which the application is requesting delegated access. Typically, the user account name or email address.
The SubType for the JWT authentication.
The SubType for the JWT authentication. Set this to "enterprise" or "user" depending on the type of token being requested.
The Id of the public key for JWT.
The Id of the public key for JWT. Set this to the value of your Public Key Id in your app settings.
This section provides a complete list of the SSL properties you can configure in the connection string for this provider.
| Property | Description |
| SSLServerCert | The certificate to be accepted from the server when connecting using TLS/SSL. |
The certificate to be accepted from the server when connecting using TLS/SSL.
If using a TLS/SSL connection, this property can be used to specify the TLS/SSL certificate to be accepted from the server. Any other certificate that is not trusted by the machine is rejected.
This property can take the following forms:
| Description | Example |
| A full PEM Certificate (example shortened for brevity) | -----BEGIN CERTIFICATE----- MIIChTCCAe4CAQAwDQYJKoZIhv......Qw== -----END CERTIFICATE----- |
| A path to a local file containing the certificate | C:\cert.cer |
| The public key (example shortened for brevity) | -----BEGIN RSA PUBLIC KEY----- MIGfMA0GCSq......AQAB -----END RSA PUBLIC KEY----- |
| The MD5 Thumbprint (hex values can also be either space or colon separated) | ecadbdda5a1529c58a1e9e09828d70e4 |
| The SHA1 Thumbprint (hex values can also be either space or colon separated) | 34a929226ae0819f2ec14b4a3d904f801cbb150d |
If not specified, any certificate trusted by the machine is accepted.
Use '*' to signify to accept all certificates. Note that this is not recommended due to security concerns.
This section provides a complete list of the Firewall properties you can configure in the connection string for this provider.
| Property | Description |
| FirewallType | The protocol used by a proxy-based firewall. |
| FirewallServer | The name or IP address of a proxy-based firewall. |
| FirewallPort | The TCP port for a proxy-based firewall. |
| FirewallUser | The user name to use to authenticate with a proxy-based firewall. |
| FirewallPassword | A password used to authenticate to a proxy-based firewall. |
The protocol used by a proxy-based firewall.
This property specifies the protocol that the Sync App will use to tunnel traffic through the FirewallServer proxy. Note that by default, the Sync App connects to the system proxy; to disable this behavior and connect to one of the following proxy types, set ProxyAutoDetect to false.
| Type | Default Port | Description |
| TUNNEL | 80 | When this is set, the Sync App opens a connection to Box and traffic flows back and forth through the proxy. |
| SOCKS4 | 1080 | When this is set, the Sync App sends data through the SOCKS 4 proxy specified by FirewallServer and FirewallPort and passes the FirewallUser value to the proxy, which determines if the connection request should be granted. |
| SOCKS5 | 1080 | When this is set, the Sync App sends data through the SOCKS 5 proxy specified by FirewallServer and FirewallPort. If your proxy requires authentication, set FirewallUser and FirewallPassword to credentials the proxy recognizes. |
To connect to HTTP proxies, use ProxyServer and ProxyPort. To authenticate to HTTP proxies, use ProxyAuthScheme, ProxyUser, and ProxyPassword.
The name or IP address of a proxy-based firewall.
This property specifies the IP address, DNS name, or host name of a proxy allowing traversal of a firewall. The protocol is specified by FirewallType: Use FirewallServer with this property to connect through SOCKS or do tunneling. Use ProxyServer to connect to an HTTP proxy.
Note that the Sync App uses the system proxy by default. To use a different proxy, set ProxyAutoDetect to false.
The TCP port for a proxy-based firewall.
This specifies the TCP port for a proxy allowing traversal of a firewall. Use FirewallServer to specify the name or IP address. Specify the protocol with FirewallType.
The user name to use to authenticate with a proxy-based firewall.
The FirewallUser and FirewallPassword properties are used to authenticate against the proxy specified in FirewallServer and FirewallPort, following the authentication method specified in FirewallType.
A password used to authenticate to a proxy-based firewall.
This property is passed to the proxy specified by FirewallServer and FirewallPort, following the authentication method specified by FirewallType.
This section provides a complete list of the Proxy properties you can configure in the connection string for this provider.
| Property | Description |
| ProxyAutoDetect | This indicates whether to use the system proxy settings or not. |
| ProxyServer | The hostname or IP address of a proxy to route HTTP traffic through. |
| ProxyPort | The TCP port the ProxyServer proxy is running on. |
| ProxyAuthScheme | The authentication type to use to authenticate to the ProxyServer proxy. |
| ProxyUser | A user name to be used to authenticate to the ProxyServer proxy. |
| ProxyPassword | A password to be used to authenticate to the ProxyServer proxy. |
| ProxySSLType | The SSL type to use when connecting to the ProxyServer proxy. |
| ProxyExceptions | A semicolon separated list of destination hostnames or IPs that are exempt from connecting through the ProxyServer . |
This indicates whether to use the system proxy settings or not.
This takes precedence over other proxy settings, so you'll need to set ProxyAutoDetect to FALSE in order use custom proxy settings.
To connect to an HTTP proxy, see ProxyServer. For other proxies, such as SOCKS or tunneling, see FirewallType.
The hostname or IP address of a proxy to route HTTP traffic through.
The hostname or IP address of a proxy to route HTTP traffic through. The Sync App can use the HTTP, Windows (NTLM), or Kerberos authentication types to authenticate to an HTTP proxy.
If you need to connect through a SOCKS proxy or tunnel the connection, see FirewallType.
By default, the Sync App uses the system proxy. If you need to use another proxy, set ProxyAutoDetect to false.
The TCP port the ProxyServer proxy is running on.
The port the HTTP proxy is running on that you want to redirect HTTP traffic through. Specify the HTTP proxy in ProxyServer. For other proxy types, see FirewallType.
The authentication type to use to authenticate to the ProxyServer proxy.
This value specifies the authentication type to use to authenticate to the HTTP proxy specified by ProxyServer and ProxyPort.
Note that the Sync App will use the system proxy settings by default, without further configuration needed; if you want to connect to another proxy, you will need to set ProxyAutoDetect to false, in addition to ProxyServer and ProxyPort. To authenticate, set ProxyAuthScheme and set ProxyUser and ProxyPassword, if needed.
The authentication type can be one of the following:
If you need to use another authentication type, such as SOCKS 5 authentication, see FirewallType.
A user name to be used to authenticate to the ProxyServer proxy.
The ProxyUser and ProxyPassword options are used to connect and authenticate against the HTTP proxy specified in ProxyServer.
You can select one of the available authentication types in ProxyAuthScheme. If you are using HTTP authentication, set this to the user name of a user recognized by the HTTP proxy. If you are using Windows or Kerberos authentication, set this property to a user name in one of the following formats:
user@domain domain\user
A password to be used to authenticate to the ProxyServer proxy.
This property is used to authenticate to an HTTP proxy server that supports NTLM (Windows), Kerberos, or HTTP authentication. To specify the HTTP proxy, you can set ProxyServer and ProxyPort. To specify the authentication type, set ProxyAuthScheme.
If you are using HTTP authentication, additionally set ProxyUser and ProxyPassword to HTTP proxy.
If you are using NTLM authentication, set ProxyUser and ProxyPassword to your Windows password. You may also need these to complete Kerberos authentication.
For SOCKS 5 authentication or tunneling, see FirewallType.
By default, the Sync App uses the system proxy. If you want to connect to another proxy, set ProxyAutoDetect to false.
The SSL type to use when connecting to the ProxyServer proxy.
This property determines when to use SSL for the connection to an HTTP proxy specified by ProxyServer. This value can be AUTO, ALWAYS, NEVER, or TUNNEL. The applicable values are the following:
| AUTO | Default setting. If the URL is an HTTPS URL, the Sync App will use the TUNNEL option. If the URL is an HTTP URL, the component will use the NEVER option. |
| ALWAYS | The connection is always SSL enabled. |
| NEVER | The connection is not SSL enabled. |
| TUNNEL | The connection is through a tunneling proxy. The proxy server opens a connection to the remote host and traffic flows back and forth through the proxy. |
A semicolon separated list of destination hostnames or IPs that are exempt from connecting through the ProxyServer .
The ProxyServer is used for all addresses, except for addresses defined in this property. Use semicolons to separate entries.
Note that the Sync App uses the system proxy settings by default, without further configuration needed; if you want to explicitly configure proxy exceptions for this connection, you need to set ProxyAutoDetect = false, and configure ProxyServer and ProxyPort. To authenticate, set ProxyAuthScheme and set ProxyUser and ProxyPassword, if needed.
This section provides a complete list of the Logging properties you can configure in the connection string for this provider.
| Property | Description |
| LogModules | Core modules to be included in the log file. |
Core modules to be included in the log file.
Only the modules specified (separated by ';') will be included in the log file. By default all modules are included.
See the Logging page for an overview.
This section provides a complete list of the Schema properties you can configure in the connection string for this provider.
| Property | Description |
| Location | A path to the directory that contains the schema files defining tables, views, and stored procedures. |
| BrowsableSchemas | This property restricts the schemas reported to a subset of the available schemas. For example, BrowsableSchemas=SchemaA,SchemaB,SchemaC. |
| Tables | This property restricts the tables reported to a subset of the available tables. For example, Tables=TableA,TableB,TableC. |
| Views | Restricts the views reported to a subset of the available tables. For example, Views=ViewA,ViewB,ViewC. |
A path to the directory that contains the schema files defining tables, views, and stored procedures.
The path to a directory which contains the schema files for the Sync App (.rsd files for tables and views, .rsb files for stored procedures). The folder location can be a relative path from the location of the executable. The Location property is only needed if you want to customize definitions (for example, change a column name, ignore a column, and so on) or extend the data model with new tables, views, or stored procedures.
If left unspecified, the default location is "%APPDATA%\\CData\\Box Data Provider\\Schema" with %APPDATA% being set to the user's configuration directory:
| Platform | %APPDATA% |
| Windows | The value of the APPDATA environment variable |
| Linux | ~/.config |
This property restricts the schemas reported to a subset of the available schemas. For example, BrowsableSchemas=SchemaA,SchemaB,SchemaC.
Listing the schemas from databases can be expensive. Providing a list of schemas in the connection string improves the performance.
This property restricts the tables reported to a subset of the available tables. For example, Tables=TableA,TableB,TableC.
Listing the tables from some databases can be expensive. Providing a list of tables in the connection string improves the performance of the Sync App.
This property can also be used as an alternative to automatically listing views if you already know which ones you want to work with and there would otherwise be too many to work with.
Specify the tables you want in a comma-separated list. Each table should be a valid SQL identifier with any special characters escaped using square brackets, double-quotes or backticks. For example, Tables=TableA,[TableB/WithSlash],WithCatalog.WithSchema.`TableC With Space`.
Note that when connecting to a data source with multiple schemas or catalogs, you will need to provide the fully qualified name of the table in this property, as in the last example here, to avoid ambiguity between tables that exist in multiple catalogs or schemas.
Restricts the views reported to a subset of the available tables. For example, Views=ViewA,ViewB,ViewC.
Listing the views from some databases can be expensive. Providing a list of views in the connection string improves the performance of the Sync App.
This property can also be used as an alternative to automatically listing views if you already know which ones you want to work with and there would otherwise be too many to work with.
Specify the views you want in a comma-separated list. Each view should be a valid SQL identifier with any special characters escaped using square brackets, double-quotes or backticks. For example, Views=ViewA,[ViewB/WithSlash],WithCatalog.WithSchema.`ViewC With Space`.
Note that when connecting to a data source with multiple schemas or catalogs, you will need to provide the fully qualified name of the table in this property, as in the last example here, to avoid ambiguity between tables that exist in multiple catalogs or schemas.
This section provides a complete list of the Miscellaneous properties you can configure in the connection string for this provider.
| Property | Description |
| AsUserId | The Id of the user you want to impersonate. Only works with Admin, Co-Admin and Service Accounts. |
| DirectoryRetrievalDepth | Depth level of folder to query Folders and Files tables. |
| ExposeCollectionViews | Determines whether to expose every collection in your Box account as separate views. |
| IncludeCustomFields | Set to true if metadata templates should be exposed as custom columns of the table Files. |
| MaxRows | Limits the number of rows returned when no aggregation or GROUP BY is used in the query. This takes precedence over LIMIT clauses. |
| Other | These hidden properties are used only in specific use cases. |
| PseudoColumns | This property indicates whether or not to include pseudo columns as columns to the table. |
| Timeout | The value in seconds until the timeout error is thrown, canceling the operation. |
| UserDefinedViews | A filepath pointing to the JSON configuration file containing your custom views. |
The Id of the user you want to impersonate. Only works with Admin, Co-Admin and Service Accounts.
If you specify a user id for this property, you can act on behalf of another user by leveraging the as-user Box header. The values specified in the pseudo-columns of tables/views or the values specified in stored procedures parameters take higher precedence over the value specified in this property.
Depth level of folder to query Folders and Files tables.
This property must be set in the connection string or the driver will use a default of Depth=5.
Determines whether to expose every collection in your Box account as separate views.
If you set this property to 'true', you can query files and folders from the corresponding Box collection.
Set to true if metadata templates should be exposed as custom columns of the table Files.
Set to true if metadata templates should be exposed as custom columns of the table Files.
Limits the number of rows returned when no aggregation or GROUP BY is used in the query. This takes precedence over LIMIT clauses.
Limits the number of rows returned when no aggregation or GROUP BY is used in the query. This takes precedence over LIMIT clauses.
These hidden properties are used only in specific use cases.
The properties listed below are available for specific use cases. Normal driver use cases and functionality should not require these properties.
Specify multiple properties in a semicolon-separated list.
| DefaultColumnSize | Sets the default length of string fields when the data source does not provide column length in the metadata. The default value is 2000. |
| ConvertDateTimeToGMT | Determines whether to convert date-time values to GMT, instead of the local time of the machine. |
| RecordToFile=filename | Records the underlying socket data transfer to the specified file. |
This property indicates whether or not to include pseudo columns as columns to the table.
This setting is particularly helpful in Entity Framework, which does not allow you to set a value for a pseudo column unless it is a table column. The value of this connection setting is of the format "Table1=Column1, Table1=Column2, Table2=Column3". You can use the "*" character to include all tables and all columns; for example, "*=*".
The value in seconds until the timeout error is thrown, canceling the operation.
If Timeout = 0, operations do not time out. The operations run until they complete successfully or until they encounter an error condition.
If Timeout expires and the operation is not yet complete, the Sync App throws an exception.
A filepath pointing to the JSON configuration file containing your custom views.
User Defined Views are defined in a JSON-formatted configuration file called UserDefinedViews.json. The Sync App automatically detects the views specified in this file.
You can also have multiple view definitions and control them using the UserDefinedViews connection property. When you use this property, only the specified views are seen by the Sync App.
This User Defined View configuration file is formatted as follows:
For example:
{
"MyView": {
"query": "SELECT * FROM Files WHERE MyColumn = 'value'"
},
"MyView2": {
"query": "SELECT * FROM MyTable WHERE Id IN (1,2,3)"
}
}
Use the UserDefinedViews connection property to specify the location of your JSON configuration file. For example:
"UserDefinedViews", C:\Users\yourusername\Desktop\tmp\UserDefinedViews.jsonNote that the specified path is not embedded in quotation marks.