Add or Edit a Box Business Source

Members of the Administrators and Content Managers built-in groups can add the content of users' Box enterprise accounts to a Coveo organization.

Leading practice

The number of items that a source processes per hour (crawling speed) depends on various factors, such as network bandwidth and source configuration. See About Crawling Speed for information on what can impact crawling speed, as well as possible solutions.


The Box Business Legacy connector has been deprecated for security reasons. If you still have a Box Business Legacy source, it will still work, but we recommend that you create a Box Business source to replace it.

The difference between the two connectors lies in how you identify your Box account when creating the source: with a Box Business Legacy, you entered a Box Enterprise ID, whereas with a Box Business source, a JSON configuration containing credentials is required. Moreover, Box Business Legacy sources provided a Coveo application API key to enter in your Box application to authorize Coveo. With the new connector, this is no longer required.

Source Key Characteristics

Features Supported Additional information

Box version

Latest cloud version

Following available Box releases

Searchable content types


Files, folders, enterprises, users, and web links

Content update operations



Takes place every three hours by default. A rescan or rebuild is required to:

  • Remove deleted users in Box

  • Update the subitems of a renamed folder





Content security options

Same users and groups as in your content system


Specific users and groups




Add or Edit a Box Business Source

Follow the instructions below when adding or editing a Box Business source.

"Configuration" Tab

On the Add/Edit a Box Business Source subpage, the Configuration tab is selected by default. It contains your source general and authentication information, as well as other parameters.

General Information

Source Name

Enter a name for your source.

Leading practice

A source name can’t be modified once it’s saved, therefore be sure to use a short and descriptive name, using letters, numbers, hyphens (-), and underscores (_). Avoid spaces and other special characters.


Provide the Box application credentials in JSON format, either by pasting the configuration in the box or clicking Choose File and selecting the file to upload.


If you still have a Box Business Legacy source, an enterprise ID is required instead. In the Box Enterprise ID box, enter the unique identifier that’s displayed in your Box Enterprise Admin Console, in the Account & Billing tab.

Optical Character Recognition (OCR)

If you want Coveo to extract text from image files or PDF files containing images, check the appropriate box. OCR-extracted text is processed as item data, meaning that it’s fully searchable and will appear in the item Quick View. See Enable Optical Character Recognition for details on this feature.


Contact Coveo Sales to add this feature to your organization license.

"Users to Include" Section

Choose whether to index the content of all your managed Box accounts or only specific accounts. If you select Specific, enter the user email addresses corresponding to the Box accounts you want to index and make searchable.

  • By default, Coveo indexes all items in the Box accounts that you specified for your source. However, you can add source filters to index only certain items or ignore unwanted items.

  • If you want to index users as separate items, once you’ve created the source, edit the source JSON configuration and set the IndexUsers parameter to true. The default value is false.

    "IndexUsers": {
        "sensitive": false,
        "value": "true"

"Content Security" Tab

Select who will be able to access the source items through a Coveo-powered search interface. For details on this parameter, see Content Security.


When using the Everyone content security option, see Safely Apply Content Filtering for information on how to ensure that your source content is safely filtered and only accessible by intended users.

"Access" Tab

In the Access tab, set whether each group and API key can view or edit the source configuration (see Resource Access):

  1. If available, in the left pane, click Groups or API Keys to select the appropriate list.

  2. In the Access Level column for groups or API keys with access to source content, select View or Edit.


  1. Finish adding or editing your source:

    • When you want to save your source configuration changes without starting a build/rebuild, such as when you know you want to do other changes soon, click Add Source/Save.


      On the Sources (platform-ca | platform-eu | platform-au) page, you must click Launch build or Start required rebuild in the source Status column to add the source content or to make your changes effective, respectively.

    • When you’re done editing the source and want to make changes effective, click Add and Build Source/Save and Rebuild Source.

      Back on the Sources (platform-ca | platform-eu | platform-au) page, you can review the progress of your source addition or modification.

      Once the source is built or rebuilt, you can review its content in the Content Browser.

  2. Optionally, consider editing or adding mappings once your source is done building or rebuilding.

Add Source Filters

By default, Coveo indexes all items in the Box accounts that you specified in the Users to Include section. However, if you want to index only certain items or ignore unwanted items, you can add filters to your source JSON configuration.


Your Box Business source indexes only certain file types, such as .doc and .xls, by default. To view or modify the file types that are indexed by your source, see Change Indexed Item Types.

  1. On the Sources (platform-ca | platform-eu | platform-au) page, click your Box source, and then click More > Edit JSON in the Action bar.

  2. Add your filters in the addressPatterns array object, while adhering to the following:

    • You must use the printableuri path for the expression parameter.


      The Box Business connector is designed to use the printableuri, instead of the uri, to identify where an item is located when applying source filters. To get the printableuri for a folder or item in Box Business, see Get the Printable URI.

    • For your Box Business source to be able to locate an item specified in a printableuri path, the addressPatterns array must also include separate expression parameter entries (inclusion filters) for each of the hierarchical elements of the item’s URL structure.


    You want to index all the items in User1’s Content folder and subfolders, except for the Draft subfolder or its subfolders.

    The printableuri for the Content folder is ( Files/Content.

    The printableuri for the Draft folder is ( Files/Content/Draft

    In order for your Box Business source to be able to locate the Content and Draft folders, a separate inclusion filter is required for each of the folders' hierarchical elements.

    Your addressPatterns array would be as follows:

    "addressPatterns": [
        "expression": "",
        "patternType": "Wildcard",
        "allowed": true
        "expression": " (",
        "patternType": "Wildcard",
        "allowed": true
        "expression": " ( Files",
        "patternType": "Wildcard",
        "allowed": true
        "expression": " ( Files/Content*",
        "patternType": "Wildcard",
        "allowed": true
        "expression": " ( Files/Content/Draft*",
        "patternType": "Wildcard",
        "allowed": false
  3. Once you’ve added all your source filters, click Save and rebuild source.

Get the Printable URI

The Box Business connector is designed to use the printableuri, instead of the uri, when applying source filters. This means that you must use the printableuri path when specifying the expression parameter in the addressPatterns array object.

To get the printableuri for a folder or item in Box Business, you can either:

Create the printableuri

The printable URI format for an item in Box Business is<COMPANY_NAME>/<ACCOUNT_USERNAME> (<ACCOUNT_EMAIL>)/All Files/<FOLDER>/<FILENAME>.

To create the printable URI, replace:

  • <COMPANY_NAME> with the name of the company account in Box Business.

  • <ACCOUNT_USERNAME> with the name of the user that owns the item or folder.

  • <ACCOUNT_EMAIL> with the email address of the user that owns the item or folder.

  • <FOLDER> with the name of the folder.

  • <FILENAME> with the item filename.

  • The printable URI of the following folder would be ( Files/Content:

    • Company name is Speedbit

    • Account username is User1

    • Account email address is

    • Folder where the items are located is named Content

  • The printable URI of the following item would be ( Files/Tasks/Task_List.pdf:

    • Company name is Speedbit

    • Account username is User2

    • Account email address is

    • Folder where the item is located is named Tasks

    • Item filename is Task_List.pdf

Inspect the Item With the Content Browser

If you’ve already built the source and indexed items, you can get the printableuri for a given item by inspecting its properties in the Content Browser.

  1. On the Content Browser (platform-ca | platform-eu | platform-au) page, use the facets and search box to locate the desired item.

  2. Click the item card, and then click Properties in the Action bar.

  3. In the Fields tab, use the Filter box to search for the printableuri property value for the item.

Safely Apply Content Filtering

The best way to ensure that your indexed content is seen only by the intended users is to enforce content security by selecting the Same users and groups as in your content system option. Should this option be unavailable, select Specific users and groups instead.

However, if you need to configure your source so that the indexed source content is accessible to Everyone, you should adhere to the following leading practices to ensure that your source content is safely filtered and only accessible by the appropriate users:

Following the above leading practices results in a workflow whereby the user query is authenticated server side via a search token that enforces the search hub from which the query originates. Therefore, the query can’t be modified by users or client-side code. The query then passes through a specific query pipeline based on a search hub condition, and the query results are filtered using the filter rules.

Configure Query Filters

Filter rules allow you to enter hidden query expressions to be added to all queries going through a given query pipeline. They’re typically used to add a field-based expression to the constant query expression (cq).


You apply the @objectType=="Solution" query filter to the pipeline to which the traffic of your public support portal is directed. As a result, the @objectType=="Solution" query expression is added to any query sent via this support portal.

Therefore, if a user types Speedbit watch wristband in the searchbox, the items returned are those that match these keywords and whose objectType has the Solution value. Items matching these keywords but having a different objectType value aren’t returned in the user’s search results.

To learn how to configure query pipeline filter rules, see Manage Filter Rules.


You can also enforce a filter expression directly in the search token.

Use Condition-Based Query Pipeline Routing

The most recommended and flexible query pipeline routing mechanism is condition-based routing.

When using this routing mechanism, you ensure that search requests are routed to a specific query pipeline according to the search interface from which they originate, and the authentication is done server side.

To accomplish this:

  1. Apply a condition to a query pipeline based on a search hub value, such as Search Hub is Community Search or Search Hub is Agent Panel. This condition ensures that all queries that originate from a specific search hub go through that query pipeline.

  2. Authenticate user queries via a search token that’s generated server side and that contains the search hub parameter that you specified in the query pipeline.

Configure the Search Token

When using query filters to secure content, the safest way to enforce content security is to authenticate user queries using a search token that’s generated server side. For instance, when using this approach, you can enforce a search hub value in the search token. This makes every authenticated request that originates from a component use the specified search hub, and therefore be routed to the proper query pipeline. Because this configuration is stored server side and encrypted in the search token, it can’t be modified by users or client-side code.

Implementing search token authentication requires you to add server side logic to your web site or application. Therefore, the actual implementation details will vary from one project to another.

The following procedure provides general guidelines:


If you’re using the Coveo In-Product Experience (IPX) feature, see Implementing Advanced Search Token Authentication.

  1. Authenticate the user.

  2. Call a service exposed through Coveo to request a search token for the authenticated user.

  3. Specify the userIDs for the search token, and enforce a searchHub parameter in the search token.


You can specify other parameters in the search token, such as a query filter.

For more information and examples, see Search Token Authentication.

What’s Next?

1. By default, shared link permissions are ignored, meaning that an item only shared with a link is only visible by its owner in your Coveo-powered search interface. Contact Coveo Support for help on how to take shared link permissions into account.