The Integration blog covers the latest in product updates, best practices, customer stories, and more.

Introducing the Box Adapter in Oracle Integration

Yogesh Sontakke, and Tuck Chang

As many of you might know already, at Oracle Open World (OOW) 2019 a few months ago, we announced our partnership with Box to empower our customers to connect their cloud and on-premises Oracle and third-party applications with Box via Oracle Integration (OIC). Read the announcement from OOW here.

Box offers enterprises content management as a cloud service, enabling organizations to share files, collaborate between team members, and manage the lifecycle of content securely. As a cloud service, Box can scale as its customers needs grow in size and depth of complexity including attaching custom metadata to content and watermarking content for review.

Today, we are pleased to present the availability of the Box Adapter (in preview mode), which offers bound inbound and outbound integration with Box on the Oracle Integration platform. Integration designers can now use this adapter in conjunction with the vast array of other adapters that provide connectivity to various different technologies, cloud services, and on-premise applications.

The Box adapter supports outbound operations to Box that can manage files and folders as well as work with metadata for these artifacts.

For managing files and folders, the adapter supports working with folder and their contents, working with files and uploading / downloading files, acquiring and updating shared links, and managing watermarks on files.

For managing metadata, the adapter supports lifecycle management (creating, retrieving, updating, deleting) of metadata for files and folders. The adapter has the ability to read the custom metadata templates that a Box user may have created for their enterprise use.

The Box adapter also supports inbound notifications from Box in the form of a webhook notification. During configuration, the adapter allows the Oracle Integration developer to choose the events that they would like to receive for a particular file or folder.

The Box adapter uses Box's OAuth 2.0 authentication and authorization framework to obtain the proper access token to execute the API securely. For more information about OAuth 2.0 supported by Box and the steps to register an app to enable this authentication route, please visit: 


Of particular note, the Box adapter secures webhook notifications by verifying the notifications against signature keys that are used to sign every notification from Box to ensure that the notification is authentic. To ensure no downtime, Box employs a two signature keys approach for signing webhook notifications. Verifying either signature can be deemed as sufficient to verify the authenticity of the message. Thus one key can be regenerated and changed in Oracle Integration enabling the remaining key to still work. The other key can be updated once the first key has been updated ensuring that there is no downtime in notification verification.

As usual, these credentials are saved securely in Oracle Integration.

Full details in our Oracle Integration technical docs here

Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.