Skip to content

Help shape the future of Box

Welcome to Box Pulse, our product feedback tool powered by UserVoice. Got an idea for how to improve Box? Share it with us and gather support or vote on other people's ideas. Your feedback is essential to informing roadmap decisions and shaping the future of our products. Thanks for joining our community!

See user guide here.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback

252 results found

  1. Allow http://127.0.0.1 as redirect_url in published box apps

    It is currently disallowed to use redirect_urls of the form http://127.0.0.1 in published apps.

    These give the error "insecureredirecturi".

    These are allowed in unpublished apps.

    Having a redirect to 127.0.0.1 is very useful for native apps which run on the users computer (eg rclone https://rclone.org ).

    It is pretty much impossible to do https to 127.0.0.1 - you can't get a valid certificate for it. See this link for details: https://letsencrypt.org/docs/certificates-for-localhost/ - and also for reasons why using http://127.0.0.1 is treated as secure by browsers.

    I'll describe how rclone, a native CLI app works. Rclone runs on the…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  2. macOS SDK support

    It would be great to see full macOS support in the Box SDK.

    I realize that the name of the Apple-flavored SDK is "box-ios-sdk", but "osx" is listed as one of the supported platforms. It compiles and links just fine, but the code path bails on OAuth sign in support.

    It looks like most of the SDK would work fine for API calls post authentication, so I think it's mainly a matter of wiring up browser-based sign-in like Dropbox does for their SDK: https://github.com/dropbox/SwiftyDropbox. This seems to be confirmed by a response from @sujaygarlanka in a submitted GitHub issue: …

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  3. API-level access to Box Admin Console settings

    Amazon has many EIDs and their security team needs to be able to apply and monitor enterprise settings in a centralized, scalable way.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  4. 1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  5. We want to be able to use the BoxAPI only from whitelisted IP addresses

    We want to be able to use the BoxAPI only from whitelisted IP addresses
    (For example, register the IP address list of our proxy server )

    We believe it is the best to be able to specify a list of accessible IP address range on the apps in the application registration screen

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  6. I would like to automatically set some options when creating a Box user. This is more about options in the Account settings.

    We are currently provisioning automatically BOX users via our IDP and SAML assertion.When a user is added to an Active Directory group, his BOX account is automatically created.

    I would like to automatically set some options when creating a BOX user. This is more about options in the Account settings. For example : country, number of lines displayed by page, default homepage…

    Having particular attributes or API calls to manage these issues would fulfill the need.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  7. Total space used and total space allocated at enterprise level through API

    Whenever we want to get total space used and total space allocated at enterprise level through api, we have to iterate through every user. Even then total space allocated at enterprise level would not be 100% accurate. If you guys can expose any api where we would get those information accurately.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  8. Format Event Stream Event Types on Box.dev

    On box.dev, please format the available event types for the event stream in a more readable format. Descriptions for the event would also be helpful.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  9. Possible to unlock by just id of the lock object

    Locks may have been destroyed by others.
    In the current, just before releasing the lock, the owner of the lock needs to confirm that the owner is himself, so it is useless.
    If we can release this from the object returned at locked, we can write logic more smartly.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  10. Clearer token scope documentation

    Can you specify that the item_share scope for downscoping tokens is for shared links and not collaboration?

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  11. Ability to Initiate Custom CLI Scripts from Admin Console

    Admin/Co-Admin Only Function.

    For co-admins -This could be added as an optional setup parameter. Scope would be user administration and custom reporting. A user defined menu to initiate "batch job " . The script selection display could include script name, description and the ability to link to a documentation folder in box.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  12. UX dead end

    Can’t scroll these pages on mobile

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  13. New field that indicates whether that specific folder has any collaborations of its own, i.e. not inherited from a parent

    We have a big problem on our hands when it comes to obtaining all of the collaborations a user created inviting others to their content. There simply is no quick way of doing this, especially on users having massive folders. We discovered that the GET action on the /Folders endpoint has an available request field called “hascollaborations” which indicates whether the folder has any collaborations. I really hoped we could leverage this to cut down on the unnecessary calls to the /Folders/{folderId}/collaborations endpoint if the folder being iterated over had no collaborations, but unfortunately it returns “true” even if

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  14. iOS SDK

    'Mark for offline' capability in SDK. Either read-only or edit-sync is a critical requirement for field worker use cases.

    With current SDK developers need to build this which is expensive and risky.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  15. Doc feedback

    The layout and the padding feels weird. This applies to both the navbar as well as the content.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  16. Start accepting an array of strings as 'aud'

    Hi. I'm trying to use jwt authentication with box. I'm new to JWT. The library I'm using seems to send the 'aud' value as an array of strings, and looking at the specification for JWT, that's what it's supposed to send. This doesn't work with box though, box only allows a single string as 'aud'.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  17. 1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  18. Add length of field to API documentation

    It would be nice to explicitly mention the length of some of the fields. In our enterprise account all the users had 10-digit UIDs, so I thought that was the standard length, but we had some users with preexisting lite accounts rolled in and a few of them had 8-digit or 9-digit UIDs. I see now that the example UID provided had 9 digits, so my bad there, but I initially just looked at the 'id' attribute under 'user object' to try and find the length and it would be nice I think to have something like 'id / string…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    Thanks for the suggestion. We generally don’t provide lengths for fields unless there is a concious decision to define a specific length or range as a contract. Given that the type of field for user id is a string, the fact that user id values ranged from 8-10 digits is an implementation detail, not a guarantee.

  19. New event type for modification of upload-email properties

    A new event type for modification of upload-email properties, such as access type (in addition to the existing enable/disable events for upload email functionality)

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  20. Improve CORS whitelist wildcard support

    I would love to be able to use wildcards in CORS with a little more specificity. In particular, for review apps on Heroku, you will have a url that is auto-generated for each pull request, so something like http://my-app-dev-pr-523.herokuapp.com. I would like to be able to add http://my-app-dev-pr*.herokuapp.com to the CORS list but it currently flags that is an improper URL so I have to do the much more broad (less secure) http://*.herokuapp.com

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  • Don't see your idea?

Feedback and Knowledge Base