# Box Connect your company's Box account to Cakewalk's MCP Gateway. Every agent tool call against Box passes through the gateway and is evaluated against your Policies. ## Requirements * Box admin or developer with access to the Developer Console at . ## About Scopes Box requires application scopes to be configured on the OAuth app itself, not at consent time. Scopes determine which Box objects the agent can read or modify (Files and Folders, Users, Groups, Webhooks, Enterprise Properties). Configure the scope set that matches the agent actions you want to allow. The scope set the MCP server requires is approved through your app's scope configuration. ## Step 1: Create a Platform App in Box 1. Sign in to Box and open the [Developer Console](https://app.box.com/developers/console). 2. Select **Platform Apps**. 3. Click **New App**. 4. Enter an app name. 5. In the **App Type** dropdown, select **OAuth 2.0**. 6. Create the app. Once OAuth 2.0 is selected, the app's authentication method cannot be changed. To switch later, create a new app. ## Step 2: Configure the Redirect URI 1. Open the app's **Configuration** page. 2. Scroll to the **OAuth 2.0 Redirect URI** section. 3. Add this URI: ``` https://mcp-gateway.getcakewalk.io/api/v1/Auth/Callback ``` 4. Save. Redirect URIs must use HTTPS (HTTP is accepted only for localhost) and must match the configured value exactly. ## Step 3: Configure Application Scopes On the same **Configuration** page, scroll to the **Application Scopes** section and enable the scopes the agent needs to operate against Box. At minimum, enable read access on the object types the agent will touch. ## Step 4: Copy the Client ID and Client Secret On the app's **Configuration** page, find the **OAuth 2.0 Credentials** section. Copy the Client ID and Client Secret. ## Step 5: Paste Credentials Into Cakewalk 1. Open . 2. Go to All Connections. 3. Find Box. 4. Click Edit credentials. 5. Paste the Client ID and Client Secret. 6. Save. ## Verifying It Works The Box Connection card flips to Active on All Connections. From an agent platform connected to Cakewalk, ask the agent to list a folder in Box. If Box returns the folder contents, the Connection is live. ## Troubleshooting * Invalid redirect URI on consent: the value in **OAuth 2.0 Redirect URI** must match `https://mcp-gateway.getcakewalk.io/api/v1/Auth/Callback` exactly. Box requires exact matches with no trailing slash. * Missing scope errors after authentication: enable the missing scope under **Application Scopes** on the app's Configuration page, then reconnect. * Cannot change authentication method: Box does not allow switching from OAuth 2.0 to another method on an existing app. Create a new app if a different auth method is needed. ## Learn More * [Set up an OAuth 2.0 app in Box](https://developer.box.com/guides/authentication/oauth2/oauth2-setup/) --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://www.cakewalk.security/docs/ai-agent-access/connections-and-integrations/agent-connections/box.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.