Configure a Connection Profile

From the CData ribbon, click Get Data and select From Box connection/s to launch the CData Query window. To setup a new connection, you will have to click the New Box Connection button. Here you can set the connection settings, test the connection, and save the connection profile.

Connecting to Box

The add-in enables access to metadata for Box tables and folders. Note that the add-in cannot update the contents of files stored on Box or model file content as tables and columns.

Authenticating to Box

The add-in uses the OAuth authentication standard to connect to Box from either a User account or a Service account.

Box provides embedded OAuth credentials that simplify connection from a Desktop application . To connect from a Web application, you must create a custom OAuth application, as described in Creating a Custom OAuth Application.

The following subsections describe how to authenticate to Box from the available OAuth flows. For information about how to create a custom OAuth application, and why you might want to create one even for auth flows that already have embedded OAuth credentials, see Creating a Custom OAuth Application.

For a complete list of connection string properties available in Box, see Connection.

User Accounts (OAuth)

AuthScheme must be set to OAuth in all user account flows.

Desktop Applications

CData provides an embedded OAuth application that simplifies OAuth desktop authentication. You can also create and connect through a custom OAuth application. For further information about custom OAuth applications, see Creating a Custom OAuth Application.

Get and Refresh the OAuth Access Token

After setting the following, you are ready to connect:

• Custom applications only:
  • OAuthClientId: The client Id assigned when you registered your app.
  • OAuthClientSecret: The client secret assigned when you registered your app.
  • CallbackURL: The redirect URI defined when you registered your app. For example: https://localhost:3333

When you connect, the add-in opens Box's OAuth endpoint in your default browser. Log in and grant permissions to the application. The add-in refreshes the access token automatically when it expires.

Service Account (OAuthJWT)

Service accounts have silent authentication, which does not require user authentication in the browser. You can also use a service account to delegate enterprise-wide access scopes to the add-in.

To use a service account, you must create and authorize a custom OAuth application, as described in Creating a Custom OAuth Application. You can then connect to whatever Box data the service account is permitted to access.

After setting the following connection properties, you are ready to connect:

• AuthScheme: OAuthJWT.
• OAuthClientId: The client Id noted in your custom OAuth application settings.
• OAuthClientSecret: The client secret noted in your custom OAuth application settings.
• OAuthJWTCertType: PEMKEY_FILE.
• OAuthJWTCert: The path to the .pem file you generated.
• OAuthJWTCertPassword: The password of the .pem file.
• OAuthJWTCertSubject: The subject of the certificate. If you want to select the first certificate in the Certificate Store, set an * (asterisk).
• OAuthJWTSubjectType: The same as what you specified in your Application Access Values; either "enterprise" or "user". The default value of this connection property is "enterprise".
• OAuthJWTSubject: If your subject type is set to enterprise, this should be your enterprise Id. If your subject type is set to user, this should be your application user Id.
• OAuthJWTPublicKeyId: The Id of your public key in your application settings.

When you connect the add-in completes the OAuth flow for a service account.

BOXJSON OAuthJWTCertType

To authenticate using a service account and the BOXJSON OauthJWTCertType, set these properties:

• AuthScheme: OAuthJWT.
• InitiateOAuth: GETANDREFRESH.
• OAuthJWTCertType BOXJSON. OAuthJWTCert: The path to the Box-provided JSON file.

In cases where it may not be feasible to use a file in your system. you can copy the contents of the JSON file directly into the connection string. Set these properties:

• AuthScheme: OAuthJWT.
• InitiateOAuth: GETANDREFRESH.
• OAuthJWTCertType: BOXJSONBLOB.
• OAuthJWTCert: The contents of the Box-provided JSON file.

Connection Properties

The Connection properties describe the various options that can be used to establish a connection.

Managing Connections

After successfully authenticating to Box you will be able to customize the data you are importing. To learn more about this, see Managing Connections.

See Also

• Querying Data: Use the data selection wizard to pull data into a spreadsheet. You can also configure scheduled data refresh here.
• Using the Excel Add-In: Find other ways to interact with Box data, such as using the available CData Excel Functions.