Enable Box Event Stream
Box has introduced a new feature called Box Event Stream also known as Box Fast Push Notification. There are a couple of benefits of using Event Stream:
Improved performance for ongoing policy processing: By moving from polling to event notifications, and with the details provided by Box Event Stream notifications, Netskope can process events much faster than with the traditional polling mechanism.
Reduced volume of API calls: Netskope significantly initiates a smaller number of API calls to your Box account. Moving to Event Stream reduces the contention among apps competing for the same API quota (e.g. scripted infrastructure running under a common admin account).
Customers can leverage the Box Event Stream capability by authorizing the Netskope Event Stream app in the Box admin console. To do so, follow the steps below:
Log in to your Box account using the admin account and go to the Admin Console.
Ensure that the Netskope Introspection app is installed as described in Authorize Netskope Introspection App on Box Enterprise.
If you are granting access to API Data Protection as a co-admin, select a co-admin user from the list of users and enable the permissions for the co-admin as mentioned in steps 4-6. If you are granting access to API Data Protection as an admin, skip steps 4-6 and proceed to step 7.
Note
Only an enterprise admin user has the right to enable permissions for a co-admin user.
Navigate to Users and Groups > Managed Users in the top menu bar. Click a co-admin user from the list.
In the Edit User Access permissions section, select the permissions to grant the co-admin, and then select the Co-Admin checkbox to grant additional administrative privileges. Under Reports and Settings, enable the following permissions:
View settings and apps for your company: Enable this permission to allow the co-admin to grant Netskope to access your Box account.
Edit settings and apps for your company: Enable this permission to allow the co-admin to install and authorize the JWT and Event Stream app.
Click Save.
If you are authorizing as co-admin, log in as co-admin and proceed to the next steps.
Navigate to Admin Console > Apps > Custom Apps Manager and click Add App. Under Client ID, enter the API key of the Netskope Event Stream application and authorize it. Based on the management plane (MP) location of your tenant, enter the appropriate key:
If your Netskope tenant is based out of the SV5 MP (<tenant-name>.goskope.com), the API key is:
rs4wjqnbfd58lwb2kxrd3kktpyeb3wnc
If your Netskope tenant is based out of the SJC1 MP (<tenant-name>.goskope.com), the API key is:
o7t65264vygg5wflcafepoxfbpxt6rzq
If your Netskope tenant is based out of the SJC2 MP (<tenant-name>.goskope.com), the API key is:
e844627yfra0uia27mwj6em30eos6gyf
If your Netskope tenant is based out of the AM2 MP (<tenant-name>.eu.goskope.com), the API key is:
xai82jadyoko9rgjmbgyznk9krn82srj
If your Netskope tenant is based out of the FR4 MP (<tenant-name>.de.goskope.com), the API key is:
9fp3ciu1ytrcctzyh5bs4gi49m2vfjwf
If your Netskope tenant is based out of the MEL2 MP, (<tenant-name>.au.goskope.com), the API key is:
wcd7s55affmqfoj1mmje2anin0979exe
If your Netskope tenant is based out of the LON3 MP, (<tenant-name>.lon3.goskope.com), the API key is:
5sjjz6x86gpabu14n30n2kt2wmxh7r5i
If your Netskope tenant is based out of the SIN2 MP, (<tenant-name>.sin2.goskope.com), the API key is:
emwksy7b39iltpn95gak611e1b6p2gmi
If your Netskope tenant is based out of the RUH1 MP (<tenant-name>.goskope.com), the API key is:
yxc0uj7keu0i0swc1pjiheg210icz3n3
If your Netskope tenant is based out of the ZUR2 MP (<tenant-name>.eu.goskope.com), the API key is:
32r8nisxy363cglpvqd94n6ee2x052te
Note
If you are not sure of the MP location of your tenant, contact your sales representative or Netskope support.
Click Next and Authorize.
Important
Once you have authorized the Netskope Event Stream application, you should see the application under the Custom Apps tab. If the application is disabled, click the more options (...) icon, click Enable app authorization, then Enable.
On the Custom Apps tab, click Settings.
The Global App Settings pop-up window opens.
If the Disable unpublished apps by default option is enabled, enter the MP-specific client ID under the exception list and click Save.