Box: Deploying Forcepoint ONE SSE as a SAML IdP

This topic describes the procedure to setup the SSO configuration for Box.

Before you begin

Box support intervention is required to setup the SSO configuration. Open a ticket with Box support and provide the SAML SSO configuration from the Box app settings page in Forcepoint ONE SSE.

Follow the steps below to find Box SSO configurations in Forcepoint ONE SSE:

Steps

  1. Navigate to the Box application settings page and ensure that you have SAML SSO cutoff enabled in your app instance.




  2. Back on the Box settings page, select Setup Web SSO and keep this page open as you will need to provide this information to Box.




    Note: In some scenarios, you may want users to be logged out of both Forcepoint ONE SSE and an external IdP when clicking the logout link in the application. To accomplish this, use https://portal.bitglass.com/accounts/logout/ as the Logout URL instead of the default of https://portal.bitglass.com/portal/

    After verification that SSO is working as desired, ask Box support to change the account configuration to an SSO Required mode which will guarantee that all user traffic is secured by Forcepoint ONE SSE.