Help shape the future of Box
Welcome to Box Pulse, our product feedback tool powered by UserVoice. Got an idea for how to improve Box? Share it with us and gather support or vote on other people's ideas. Your feedback is essential to informing roadmap decisions and shaping the future of our products. Thanks for joining our community!
See user guide here.
252 results found
-
Allow http://127.0.0.1 as redirect_url in published box apps
It is currently disallowed to use redirect_urls of the form http://127.0.0.1 in published apps.
These give the error "insecureredirecturi".
These are allowed in unpublished apps.
Having a redirect to 127.0.0.1 is very useful for native apps which run on the users computer (eg rclone https://rclone.org ).
It is pretty much impossible to do https to 127.0.0.1 - you can't get a valid certificate for it. See this link for details: https://letsencrypt.org/docs/certificates-for-localhost/ - and also for reasons why using http://127.0.0.1 is treated as secure by browsers.
I'll describe how rclone, a native CLI app works. Rclone runs on the…
1 vote -
macOS SDK support
It would be great to see full macOS support in the Box SDK.
I realize that the name of the Apple-flavored SDK is "box-ios-sdk", but "osx" is listed as one of the supported platforms. It compiles and links just fine, but the code path bails on OAuth sign in support.
It looks like most of the SDK would work fine for API calls post authentication, so I think it's mainly a matter of wiring up browser-based sign-in like Dropbox does for their SDK: https://github.com/dropbox/SwiftyDropbox. This seems to be confirmed by a response from @sujaygarlanka in a submitted GitHub issue: …
1 vote -
API-level access to Box Admin Console settings
Amazon has many EIDs and their security team needs to be able to apply and monitor enterprise settings in a centralized, scalable way.
1 vote -
Provide a Go / Golang SDK for Box
Add Golang SDK
1 voteAt this point we have no plans to add SDK support for Go/Golang
-
We want to be able to use the BoxAPI only from whitelisted IP addresses
We want to be able to use the BoxAPI only from whitelisted IP addresses
(For example, register the IP address list of our proxy server )We believe it is the best to be able to specify a list of accessible IP address range on the apps in the application registration screen
1 vote -
I would like to automatically set some options when creating a Box user. This is more about options in the Account settings.
We are currently provisioning automatically BOX users via our IDP and SAML assertion.When a user is added to an Active Directory group, his BOX account is automatically created.
I would like to automatically set some options when creating a BOX user. This is more about options in the Account settings. For example : country, number of lines displayed by page, default homepage…
Having particular attributes or API calls to manage these issues would fulfill the need.
1 vote -
Total space used and total space allocated at enterprise level through API
Whenever we want to get total space used and total space allocated at enterprise level through api, we have to iterate through every user. Even then total space allocated at enterprise level would not be 100% accurate. If you guys can expose any api where we would get those information accurately.
1 vote -
Format Event Stream Event Types on Box.dev
On box.dev, please format the available event types for the event stream in a more readable format. Descriptions for the event would also be helpful.
1 vote -
Possible to unlock by just id of the lock object
Locks may have been destroyed by others.
In the current, just before releasing the lock, the owner of the lock needs to confirm that the owner is himself, so it is useless.
If we can release this from the object returned at locked, we can write logic more smartly.1 vote -
Clearer token scope documentation
Can you specify that the item_share scope for downscoping tokens is for shared links and not collaboration?
1 vote -
Ability to Initiate Custom CLI Scripts from Admin Console
Admin/Co-Admin Only Function.
For co-admins -This could be added as an optional setup parameter. Scope would be user administration and custom reporting. A user defined menu to initiate "batch job " . The script selection display could include script name, description and the ability to link to a documentation folder in box.1 vote -
UX dead end
Can’t scroll these pages on mobile
1 vote -
New field that indicates whether that specific folder has any collaborations of its own, i.e. not inherited from a parent
We have a big problem on our hands when it comes to obtaining all of the collaborations a user created inviting others to their content. There simply is no quick way of doing this, especially on users having massive folders. We discovered that the GET action on the /Folders endpoint has an available request field called “hascollaborations” which indicates whether the folder has any collaborations. I really hoped we could leverage this to cut down on the unnecessary calls to the /Folders/{folderId}/collaborations endpoint if the folder being iterated over had no collaborations, but unfortunately it returns “true” even if…
1 vote -
iOS SDK
'Mark for offline' capability in SDK. Either read-only or edit-sync is a critical requirement for field worker use cases.
With current SDK developers need to build this which is expensive and risky.
1 vote -
Doc feedback
The layout and the padding feels weird. This applies to both the navbar as well as the content.
1 vote -
Start accepting an array of strings as 'aud'
Hi. I'm trying to use jwt authentication with box. I'm new to JWT. The library I'm using seems to send the 'aud' value as an array of strings, and looking at the specification for JWT, that's what it's supposed to send. This doesn't work with box though, box only allows a single string as 'aud'.
1 vote -
Could add "item_execute_integration" to scopes page.
could add "itemexecuteintegration" to https://developer.box.com/docs/scopes#section-application-scopes ?
I think the developer gets angry or confuse.
1 vote -
Add length of field to API documentation
It would be nice to explicitly mention the length of some of the fields. In our enterprise account all the users had 10-digit UIDs, so I thought that was the standard length, but we had some users with preexisting lite accounts rolled in and a few of them had 8-digit or 9-digit UIDs. I see now that the example UID provided had 9 digits, so my bad there, but I initially just looked at the 'id' attribute under 'user object' to try and find the length and it would be nice I think to have something like 'id / string…
1 voteThanks for the suggestion. We generally don’t provide lengths for fields unless there is a concious decision to define a specific length or range as a contract. Given that the type of field for user id is a string, the fact that user id values ranged from 8-10 digits is an implementation detail, not a guarantee.
-
New event type for modification of upload-email properties
A new event type for modification of upload-email properties, such as access type (in addition to the existing enable/disable events for upload email functionality)
1 vote -
Improve CORS whitelist wildcard support
I would love to be able to use wildcards in CORS with a little more specificity. In particular, for review apps on Heroku, you will have a url that is auto-generated for each pull request, so something like http://my-app-dev-pr-523.herokuapp.com. I would like to be able to add http://my-app-dev-pr*.herokuapp.com to the CORS list but it currently flags that is an improper URL so I have to do the much more broad (less secure) http://*.herokuapp.com
1 voteThis is not currently planned
- Don't see your idea?