---
title: Add a Box Business source
slug: '1594'
canonical_url: https://docs.coveo.com/en/1594/
collection: index-content
source_format: adoc
---
# Add a Box Business source

Members with the [required privileges](#required-privileges) can add the content of Box Business and Enterprise plan user accounts to a [Coveo organization](https://docs.coveo.com/en/185/).

> **Leading practice**
>
> The number of [items](https://docs.coveo.com/en/210/) that a source processes per hour (crawling speed) depends on various factors, such as network bandwidth and source configuration.
> See [About crawling speed](https://docs.coveo.com/en/2078/) for information on what can impact crawling speed, as well as possible solutions.

## Source key characteristics

The following table presents the main characteristics of a Box Business source.

[%header,cols="2,3,2,3"]
|===
2+|Features
|Supported
|Additional information

2+|Box version
|Latest cloud version
|

2+|Indexable content
|Files, folders, enterprises, users, and web links
|

.3+|[Content update operations](https://docs.coveo.com/en/2039/)
|[refresh](https://docs.coveo.com/en/2710/)
^|[check]
a|[Takes place every three hours by default](https://docs.coveo.com/en/1933/).
A rescan or rebuild is required to:

* Remove deleted users in Box

* Update the subitems of a renamed folder

|[rescan](https://docs.coveo.com/en/2711/)
^|[check]
|

|[rebuild](https://docs.coveo.com/en/2712/)
^|[check]
|

.3+|[Content security](https://docs.coveo.com/en/1779/) options
|[Same users and groups as in your content system](https://docs.coveo.com/en/1779#same-users-and-groups-as-in-your-content-system)
^|[check] (By default, shared link permissions are ignored, meaning that an item only shared with a link is only visible by its owner in your Coveo-powered search interface.
Contact [Coveo Support)(https://connect.coveo.com/s/case/Case/Default) for help on how to take shared link permissions into account.]
|

|[Specific users and groups](https://docs.coveo.com/en/1779#specific-users-and-groups)
^|[x]
|

|[Everyone](https://docs.coveo.com/en/1779#everyone)
^|[check]
|

.3+|[Metadata indexing for search](#index-metadata)

|Automatic mapping of [metadata](https://docs.coveo.com/en/218/) to [fields](https://docs.coveo.com/en/200/) that have the same name
2+a|This setting is disabled by default and [not recommended for this source type](https://docs.coveo.com/en/1640#about-the-performfieldmappingusingallorigins-setting).

|Automatically indexed [metadata](https://docs.coveo.com/en/218/)
2+a|Examples of [auto-populated default fields](https://docs.coveo.com/en/1833#field-origin) (no user-defined metadata required):  
 

* `clickableuri`

* `boxitemownedbyname`

* `boxitemstatus`

* `filetype`

* `title`  
 

After a content update, [inspect your item field values](https://docs.coveo.com/en/2053#inspect-search-results) in the **Content Browser**.

|Extracted but not indexed metadata
2+a|The Box Business source extracts core system-defined attributes as metadata.  
 

After a rebuild, review the [**View and map metadata**](https://docs.coveo.com/en/m9ti0339#view-and-map-metadata-subpage) subpage for the list of indexed metadata, and [index additional metadata](https://docs.coveo.com/en/m9ti0339#index-metadata).
|===

## Prerequisite

A Box Business source uses a [Box application](https://developer.box.com/guides/getting-started/first-application/) to connect to Box and index content.
For a Box Business source to index all the content of a folder and its subfolders, you must create a Box application that meets the following requirements:

**Authentication Method**: [OAuth 2.0 with JSON Web Tokens (server authentication)](https://developer.box.com/guides/authentication/jwt/)

**App Access Level**: [App Access + Enterprise Access](https://developer.box.com/guides/security/?utm_source=chatgpt.com#application-access)

**Application Scopes**:

* [Read all files and folders stored in Box](https://developer.box.com/guides/api-calls/permissions-and-errors/scopes/#read-all-files-and-folders)

* [Manage users](https://developer.box.com/guides/api-calls/permissions-and-errors/scopes/#manage-users)

* [Manage groups](https://developer.box.com/guides/api-calls/permissions-and-errors/scopes/#manage-groups)

**Advanced Features**: `Perform actions as users` and `Generate User Access Tokens`

**Add and Manage Public Keys**: [Have a valid keypair](https://developer.box.com/guides/authentication/jwt/jwt-setup/#generate-a-keypair-recommended)

## Add a Box Business source

Follow the instructions below to add a Box Business source.

. On the [**Sources**](https://platform.cloud.coveo.com/admin/#/orgid/content/sources/) ([platform-ca](https://platform-ca.cloud.coveo.com/admin/#/orgid/content/sources/) | [platform-eu](https://platform-eu.cloud.coveo.com/admin/#/orgid/content/sources/) | [platform-au](https://platform-au.cloud.coveo.com/admin/#/orgid/content/sources/)) page, click **Add source**.

. In the **Add a source of content** panel, click the **Box Business** source tile.

. Configure your source.

> **Leading practice**
>
> It's best to create or edit your source in your sandbox organization first.
> Once you've confirmed that it indexes the desired content, you can copy your source configuration to your production organization, either [with a snapshot](https://docs.coveo.com/en/3239/) or manually.
> 
> See [About non-production organizations](https://docs.coveo.com/en/2959/) for more information and best practices regarding sandbox organizations.

### "Configuration" tab

In the **Add a Box Business source** panel, the **Configuration** tab is selected by default.
It contains your source general and authentication information, as well as other parameters.

#### Name

Enter a name for your source.

> **Leading practice**
>
> A source name can't be modified once it's saved, therefore be sure to use a short and descriptive name, using letters, numbers, hyphens (`-`), and underscores (`_`). Avoid spaces and other special characters.

#### Project

Use the **Project** selector to associate your source with one or more Coveo [projects](https://docs.coveo.com/en/n7ef0517/).

#### Authentication

Provide the [Box application credentials in JSON format](https://developer.box.com/guides/authentication/jwt/without-sdk/#using-a-key-pair), either by pasting the configuration in the box or by clicking **Select a JSON file** to upload the file.

> **Note**
>
> If you still have a Box Business Legacy source, an enterprise ID is required instead.
> In the **Box Enterprise ID** box, enter the unique identifier that's displayed in your **Box Enterprise Admin Console**, on the **Account & Billing** tab.

#### Content to index

Choose whether to index the content of all your managed Box accounts or only specific accounts.
If you select **Specific users only**, enter the user email addresses corresponding to the Box accounts you want to index and make searchable.

> **Notes**
>
> * By default, Coveo indexes all items that are owned by the Box accounts that you specify.
> However, you can [add path filters](#add-path-filters) to index only certain items or ignore unwanted items.
> 
> * By default, Coveo doesn't index users as source items.
> To index users, once you've created the source, [edit the source JSON configuration](https://docs.coveo.com/en/1685#edit-the-json-configuration) and set the `IndexUsers` parameter to `true`.
>  
> [.highlight]
> ```json
"IndexUsers": {
    "sensitive": false,
    "value": "true"
  }
```
>  
> User source items contain metadata about the user such as their email address, phone number, and timezone.

### "Items" tab

On the **Items** tab, you can specify how the source handles items based on their file type or content type.

#### File types

File types let you define how the source handles [items](https://docs.coveo.com/en/210/) based on their file extension or content type.
For each file type, you can specify whether to index the item content and [metadata](https://docs.coveo.com/en/218/), only the item metadata, or neither.

You should fine-tune the file type configurations with the objective of indexing only the content that's relevant to your users.

**Example**

Your repository contains `.pdf` files, but you don't want them to appear in search results.
You click **Extensions** and then, for the `.pdf` extension, you change the **Default action** and **Action on error** values to `Ignore item`.

For more details about this feature, see [File type handling](https://docs.coveo.com/en/l3qg9275/).

#### Content and images

If you want Coveo to extract text from image files or PDF files containing images, enable the appropriate option.
The extracted text is processed as item data, meaning that it's fully searchable and will appear in the item [Quick view](https://docs.coveo.com/en/2760#search-result-quick-view).

> **Note**
>
> When OCR is enabled, ensure the source's relevant [file type configurations](https://docs.coveo.com/en/l3qg9275/) index the item content.
> Indexing the item's metadata only or ignoring the item will prevent OCR from being applied.

See [Enable optical character recognition](https://docs.coveo.com/en/2937/) for details on this feature.

### "Content security" tab

Select who will be able to access the source items through a Coveo-powered [search interface](https://docs.coveo.com/en/2741/).
For details on the content security options, see [Content security](https://docs.coveo.com/en/1779/).

> **Important**
>
> When using the **Everyone** content security option, see [Safely apply content filtering](#safe) for information on how to ensure that your source content is safely filtered and only accessible by intended users.

### "Access" tab







. On the **Access** tab, specify whether each group (and API key, if applicable) in your [Coveo organization](https://docs.coveo.com/en/185/) can view or edit the current source.

For example, when creating a new source, you could decide that members of Group A can edit its configuration, while Group B can only view it.

For more information, see [Custom access level](https://docs.coveo.com/en/3151#custom-access-level).
On the **Access** tab, specify whether each group (and API key, if applicable) in your [Coveo organization](https://docs.coveo.com/en/185/) can view or edit the current source.

For example, when creating a new source, you could decide that members of Group A can edit its configuration, while Group B can only view it.

For more information, see [Custom access level](https://docs.coveo.com/en/3151#custom-access-level).

### Build the source

. Finish adding or editing your source:

** When you're done editing the source and want to make your changes effective, click **Add and build source**/**Save and rebuild source**.

** When you want to save your source configuration changes without starting a build/rebuild, such as when you know you want to make other changes soon, click **Add source**/**Save**.
On the [**Sources**](https://platform.cloud.coveo.com/admin/#/orgid/content/sources/) ([platform-ca](https://platform-ca.cloud.coveo.com/admin/#/orgid/content/sources/) | [platform-eu](https://platform-eu.cloud.coveo.com/admin/#/orgid/content/sources/) | [platform-au](https://platform-au.cloud.coveo.com/admin/#/orgid/content/sources/)) page, click **Launch build** or **Start required rebuild** when you're ready to make your changes effective and index your content.

> **Leading practice**
>
> By default, a Jira Software source indexes the entire Jira Software instance content.
> To index only certain projects, click **Save**, and then specify the desired address patterns in your [source JSON configuration](https://docs.coveo.com/en/1685/) before launching the initial build.
> See [Add source filters](https://docs.coveo.com/en/2006#add-source-filters) for further information.

. On the [**Sources**](https://platform.cloud.coveo.com/admin/#/orgid/content/sources/) ([platform-ca](https://platform-ca.cloud.coveo.com/admin/#/orgid/content/sources/) | [platform-eu](https://platform-eu.cloud.coveo.com/admin/#/orgid/content/sources/) | [platform-au](https://platform-au.cloud.coveo.com/admin/#/orgid/content/sources/)) page, follow the progress of your source addition or modification.

. Once the source is built or rebuilt, [review its content in the Content Browser](https://docs.coveo.com/en/2053/).

. Optionally, consider [editing or adding mappings](https://docs.coveo.com/en/1640/).


> **Note**
>
> If you selected **Specific URLs** or **User profiles** in the [**Content**](https://docs.coveo.com/en/1739#content) section, some additional items will appear in the Content Browser.
> To retrieve user profiles, Coveo must crawl your SharePoint Online instance, including your host site collection and the documents it contains.
> Items encountered during this process are also retrieved and therefore appear in the Content Browser.

### Index metadata

To use [metadata](https://docs.coveo.com/en/218/) values in [search interface](https://docs.coveo.com/en/2741/) [facets](https://docs.coveo.com/en/198/) or result templates, the metadata must be [mapped](https://docs.coveo.com/en/217/) to [fields](https://docs.coveo.com/en/200/).
Coveo automatically [maps](https://docs.coveo.com/en/217/) only a subset of the metadata it extracts.
You must map any additional metadata to fields manually.

> **Note**
>
> Not clear on the purpose of indexing metadata?
> Watch [this video](https://www.youtube.com/watch?v=BmmmVJ3AWi0).

. On the [**Sources**](https://platform.cloud.coveo.com/admin/#/orgid/content/sources/) ([platform-ca](https://platform-ca.cloud.coveo.com/admin/#/orgid/content/sources/) | [platform-eu](https://platform-eu.cloud.coveo.com/admin/#/orgid/content/sources/) | [platform-au](https://platform-au.cloud.coveo.com/admin/#/orgid/content/sources/)) page, click your source, and then click **More** > **View and map metadata** in the Action bar.

. Review the default [metadata](https://docs.coveo.com/en/218/) that your source is extracting from your content.

. Map any currently _not indexed_ metadata that you want to use in facets or result templates to fields.

.. Click the metadata and then, at the top right, click **Add to Index**.

.. In the **Apply a mapping on all item types of a source** panel, select the field you want to map the metadata to, or [add a new field](https://docs.coveo.com/en/1833#add-a-field) if none of the existing fields are appropriate.

> **Note**
>
> For advanced mapping configurations, like applying a mapping to a specific item type, see [Manage mappings](https://docs.coveo.com/en/1640#manage-mappings).

.. Click **Apply mapping**.

. Return to the [**Sources**](https://platform.cloud.coveo.com/admin/#/orgid/content/sources/) ([platform-ca](https://platform-ca.cloud.coveo.com/admin/#/orgid/content/sources/) | [platform-eu](https://platform-eu.cloud.coveo.com/admin/#/orgid/content/sources/) | [platform-au](https://platform-au.cloud.coveo.com/admin/#/orgid/content/sources/)) page.

. To reindex your source with your new mappings, click your source, and then click **More** > **Rebuild** in the Action bar.

. Once the source is rebuilt, review your item field values.
They should now include the values of the metadata you selected to index.

.. On the [**Sources**](https://platform.cloud.coveo.com/admin/#/orgid/content/sources/) ([platform-ca](https://platform-ca.cloud.coveo.com/admin/#/orgid/content/sources/) | [platform-eu](https://platform-eu.cloud.coveo.com/admin/#/orgid/content/sources/) | [platform-au](https://platform-au.cloud.coveo.com/admin/#/orgid/content/sources/)) page, click your source, and then click **More** > **Open in Content Browser** in the Action bar.

.. Select the card of the item for which you want to inspect properties, and then click **Properties** in the Action bar.

.. In the panel that appears, select the **Fields** tab.

### Add path filters

By default, Coveo indexes all items in the Box accounts that you specified in the [**Content to index**](#content-to-index) section.
To index only certain items or ignore unwanted items, you can add path filters to your source JSON configuration.

> **Note**
>
> You can also filter items by file type on the [**Items**](#items-tab) tab.

. On the [**Sources**](https://platform.cloud.coveo.com/admin/#/orgid/content/sources/) ([platform-ca](https://platform-ca.cloud.coveo.com/admin/#/orgid/content/sources/) | [platform-eu](https://platform-eu.cloud.coveo.com/admin/#/orgid/content/sources/) | [platform-au](https://platform-au.cloud.coveo.com/admin/#/orgid/content/sources/)) page, click your Box source, and then click **More** > **Edit configuration with JSON** in the Action bar.

. Add your filters in the [`addressPatterns`](https://docs.coveo.com/en/2006#addresspatterns-array-required) array object, while adhering to the following:

* You must use the [`printableuri`](#get-the-printable-uri) path for the `expression` parameter.

* For your Box Business source to be able to locate an item specified in a `printableuri` path, the `addressPatterns` array must include separate `expression` parameter entries (inclusion filters) for each of the hierarchical elements of the item's URL structure.


**Example**

You want to index all the items in User1's `Content` folder and subfolders, except for the `Draft` subfolder or its subfolders.

The `printableuri` for the `Content` folder is `\https://www.box.com/Speedbit/User1 (\user1@speedbit.com)/All Files/Content`.

The `printableuri` for the `Draft` folder is `\https://www.box.com/Speedbit/User1 (\user1@speedbit.com)/All Files/Content/Draft`

In order for your Box Business source to be able to locate the `Content` and `Draft` folders, a separate inclusion filter is required for each of the folders' hierarchical elements.

Your `addressPatterns` array would be as follows:

```json
"addressPatterns": [
  {
    "allowed": true,
    "expression": "https://www.box.com/Speedbit",
    "patternType": "Wildcard"
  },
  {
    "allowed": true,
    "expression": "https://www.box.com/Speedbit/User1 (user1@speedbit.com)",
    "patternType": "Wildcard"
  },
  {
    "allowed": true,
    "expression": "https://www.box.com/Speedbit/User1 (user1@speedbit.com)/All Files",
    "patternType": "Wildcard"
  },
  {
    "allowed": true,
    "expression": "https://www.box.com/Speedbit/User1 (user1@speedbit.com)/All Files/Content*",
    "patternType": "Wildcard"
  },
  {
    "allowed": false,
    "expression": "https://www.box.com/Speedbit/User1 (user1@speedbit.com)/All Files/Content/Draft*",
    "patternType": "Wildcard"
  }
]
```

. Once you've added all your source filters, click **Save and rebuild source**.

#### Get the printable URI

The Box Business connector is designed to use the `printableuri` when applying [path filters](#add-path-filters).
This means that you must use the `printableuri` item field value when specifying the `expression` parameter in the [addressPatterns](https://docs.coveo.com/en/2006#addresspatterns-array-required) array object.

The easiest way to get the `printableuri` of an item is to build your source, and then [inspect the item in the Content Browser](#get-the-printable-uri-of-an-indexed-item).

##### The printable URI format

The printable URI format for an item in Box Business (for example, a file or folder) is `\https://www.box.com/<COMPANY_NAME>/<ACCOUNT_USERNAME> (<ACCOUNT_EMAIL>)/All Files/<FOLDER>/<FILENAME>`, where:

* `<COMPANY_NAME>` is the name of the company account in Box Business.

* `<ACCOUNT_USERNAME>` is the name of the user that owns the item or folder.

* `<ACCOUNT_EMAIL>` is the email address of the user that owns the item or folder.

* `<FOLDER>` is the name of the folder.

* `<FILENAME>` is the item filename.

**Examples**

* The printable URI of the following folder would be `\https://www.box.com/Speedbit/User1 (\user1@speedbit.com)/All Files/Content`:

** Company name is `Speedbit`

** Account username is `User1`

** Account email address is `user1@speedbit.com`

** Folder where the items are located is named `Content`

* The printable URI of the following item would be `\https://www.box.com/Speedbit/User2 (\user2@speedbit.com)/All Files/Tasks/Task_List.pdf`:

** Company name is `Speedbit`

** Account username is `User2`

** Account email address is `user2@speedbit.com`

** Folder where the item is located is named `Tasks`

** Item filename is `Task_List.pdf`

##### Get the printable URI of an indexed item

If you've already built the source and indexed items, you can get the `printableuri` of a given item by inspecting its properties in the [Content Browser](https://docs.coveo.com/en/2053/).

. On the [**Content Browser**](https://platform.cloud.coveo.com/admin/#/orgid/content/browser/) ([platform-ca](https://platform-ca.cloud.coveo.com/admin/#/orgid/content/browser/) | [platform-eu](https://platform-eu.cloud.coveo.com/admin/#/orgid/content/browser/) | [platform-au](https://platform-au.cloud.coveo.com/admin/#/orgid/content/browser/)) page, use the search box and [facets](https://docs.coveo.com/en/198/) to locate the desired item.

. Click the item card, and then click **Properties** in the Action bar.

. On the **Fields** tab, use the Filter box to search for the `printableuri` property value for the item.

## [[safe]]Safely apply content filtering

The best way to ensure that your indexed content is seen only by the intended users is to enforce [content security](#content-security-tab) by selecting the [**Same users and groups as in your content system**](https://docs.coveo.com/en/1779#same-users-and-groups-as-in-your-content-system) option. Should this option be unavailable, select [**Specific users and groups**](https://docs.coveo.com/en/1779#specific-users-and-groups) instead.

However, if you need to configure your source so that the indexed source content is accessible to [**Everyone**](https://docs.coveo.com/en/1779#everyone), you should adhere to the following leading practices.
These practices ensure that your source content is safely filtered and only accessible by the appropriate users:

* [Configure query filters](#configure-query-filters): Apply filter rules on a query pipeline to filter the source content that appears in search results when a query goes through that pipeline.

* [Use condition-based query pipeline routing](#use-condition-based-query-pipeline-routing): Apply a condition on a query pipeline to make sure that every query originating from a specific search hub is routed to the right query pipeline.
### Configure query filters

[Filter rules](https://docs.coveo.com/en/3410/) allow you to enter hidden [query](https://docs.coveo.com/en/231/) expressions to be added to all queries going through a given [query pipeline](https://docs.coveo.com/en/180/).
They're typically used to add a field-based expression to the [constant query expression (`cq`)](https://docs.coveo.com/en/179/).

**Example**

You apply the `@objectType=="Solution"` query filter to the pipeline to which the traffic of your public support portal is directed.
As a result, the `@objectType=="Solution"` query expression is added to any query sent via this support portal.

Therefore, if a user types `Speedbit watch wristband` in the search box, the items returned are those that match these keywords and whose `objectType` has the `Solution` value.
Items matching these keywords but having a different `objectType` value aren't returned in the user's search results.

To learn how to configure query pipeline filter rules, see [Manage filter rules](https://docs.coveo.com/en/3410/).

> **Note**
>
> You can also enforce a filter expression directly in the [search token](#configure-the-search-token).

### Use condition-based query pipeline routing

The most recommended and flexible query pipeline routing mechanism is [condition-based routing](https://docs.coveo.com/en/1666#condition-based-routing-recommended).

When using this routing mechanism, you ensure that search requests are routed to a specific query pipeline according to the search interface from which they originate, and the authentication is done server side.

To accomplish this:

. [Apply a condition to a query pipeline based on a search hub value](https://docs.coveo.com/en/1959/), such as **Search Hub is Community Search** or **Search Hub is Agent Panel**.
This condition ensures that all queries that originate from a specific search hub go through that query pipeline.

. [Authenticate user queries via a search token](#configure-the-search-token) that's generated server side and that contains the search hub parameter that you specified in the query pipeline.
> **Note**
>
> If you're using the Coveo In-Product Experience (IPX) feature, see [Implement advanced search token authentication](https://docs.coveo.com/en/3160#option-2-implement-advanced-search-token-authentication).

## Required privileges

You can assign privileges to allow access to specific tools in the [Coveo Administration Console](https://docs.coveo.com/en/183/).
The following table indicates the privileges required to view or edit elements of the [**Sources**](https://platform.cloud.coveo.com/admin/#/orgid/content/sources/) ([platform-ca](https://platform-ca.cloud.coveo.com/admin/#/orgid/content/sources/) | [platform-eu](https://platform-eu.cloud.coveo.com/admin/#/orgid/content/sources/) | [platform-au](https://platform-au.cloud.coveo.com/admin/#/orgid/content/sources/)) page and associated panels.
See [Manage privileges](https://docs.coveo.com/en/3151/) and [Privilege reference](https://docs.coveo.com/en/1707/) for more information.

> **Note**
>
> The **Edit all** privilege isn't required to create sources.
> When granting privileges for the [Sources](https://docs.coveo.com/en/1707#sources-domain) domain, you can grant a group or API key the **View all** or [**Custom**](https://docs.coveo.com/en/3151#custom-access-level) access level, instead of **Edit all**, and then select the **Can Create** checkbox to allow users to create sources.
> See [Can Create ability dependence](https://docs.coveo.com/en/3151#can-create-ability-dependence) for more information.

## What's next?

* [Schedule source updates](https://docs.coveo.com/en/1933/).
[Schedule source updates](https://docs.coveo.com/en/1933/).