Box
The Box connector gives AI agents the ability to browse, read, upload, organise, and share files in Box through the official Box API using OAuth 2.0. Your Box credentials are stored encrypted in MCPGate's vault and are never exposed to the AI client.
Tool reference#
The Box connector exposes 12 tools: 5 read, 6 write, and 1 delete. Use the MCP Apps page to enable or disable individual tools per app, and the Guardrails page to add fine-grained rules on top.
| Tool | Category | Description |
|---|---|---|
| box_list_files | read | List files and folders in a Box folder (defaults to root) |
| box_get_file | read | Get metadata for a Box file by ID |
| box_read_file | read | Read the text content of a Box file (UTF-8 text only, max 1 MB) |
| box_search | read | Search for files and folders in Box by query string |
| box_get_share_link | read | Get the shared link for a Box file or folder |
| box_upload_file | write | Upload a file to a Box folder |
| box_create_folder | write | Create a new folder in Box |
| box_move_file | write | Move a Box file or folder to a different parent folder |
| box_copy_file | write | Copy a Box file or folder to a destination folder |
| box_share_file | write | Create or update a shared link for a Box file or folder |
| box_revoke_access | write | Remove the shared link from a Box file or folder |
| box_delete_file | delete | Delete a file or folder from Box |
Text content limit
box_read_file only reads UTF-8 plain-text files up to 1 MB. Binary files, PDFs, and Office documents are not supported — use box_get_file to retrieve metadata and download URLs instead.Common guardrail recipes#
Read-only access#
Enable only the five read tools and deny all write and delete tools. Suitable for agents that need to browse and read files without modifying the file hierarchy or sharing settings.
Contribute preset#
Use the built-in contribute preset to allow reads plus box_upload_file, box_create_folder, box_move_file, and box_copy_file. Sharing and deletion tools remain denied, preventing the AI from making content publicly accessible or removing files.
Restrict to specific folders#
Apply the allow_values guardrail template to write tools, targeting the parent_id or folder_id field. Provide a list of Box folder IDs the agent is permitted to write to. Requests targeting any other folder are denied before the API call is made.
Troubleshooting#
- 404 on file operations — The file or folder ID does not exist or is not accessible by the connected account. Verify the ID is correct and the account has at least viewer access.
- Token expired after long inactivity — Box OAuth tokens expire. MCPGate automatically refreshes tokens; if refreshing fails, disconnect and reconnect the Box connector.
- Upload fails for large files —
box_upload_fileuses the standard single-request upload endpoint. For files over 50 MB, Box requires chunked upload which is not currently supported. Split large uploads into smaller files.