Skip to main content
Glama
shigechika

boxadm-mcp

by shigechika

Server Configuration

Describes the environment variables required to run the server.

NameRequiredDescriptionDefault
BOX_API_BASENoAPI base URL (default https://api.box.com)
BOX_AUTH_MODENooauth or ccg (default ccg)
BOX_CLIENT_IDYesApp Client ID
BOX_TOKEN_CACHENoOAuth token cache path (default ~/.config/boxadm-mcp/token.json)
BOX_CLIENT_SECRETYesApp Client Secret
BOX_ENTERPRISE_IDNoEnterprise ID (required for ccg mode)
BOX_ALLOWED_DOMAINSYesInternal email domains (comma-separated)
BOX_OAUTH_REDIRECT_URINoOAuth redirect URI (default http://localhost:8787/callback)

Capabilities

Features and capabilities supported by this server

CapabilityDetails
tools
{
  "listChanged": false
}
prompts
{
  "listChanged": false
}
resources
{
  "subscribe": false,
  "listChanged": false
}
experimental
{}

Tools

Functions exposed to the LLM to take actions

NameDescription
health_checkA

Report server version, Box connectivity/auth, and configuration.

Call this at session start (or after a tool-call timeout) to confirm the MCP is up, see which version is running, verify the Box enterprise token can be obtained (CCG) and that the admin_logs event scope is actually granted, and view the org domain allowlist used for external detection. Lightweight: one token request plus a single-row events probe — it does not scan history.

Always returns the same keys: status (healthy / degraded / error), service, version, auth_mode (ccg / oauth), box_api_base, enterprise_id, auth (ok / error / missing-env / needs-login), events_accessible (bool), and allowed_domains. On a degraded or error result, detail carries the reason.

recent_admin_eventsA

Fetch recent enterprise admin_logs events (raw passthrough).

Diagnostic/starter tool: returns Box events verbatim so the real event types and field shapes can be confirmed before analytics tools are layered on. For external-sharing work the event types of interest are typically COLLABORATION_INVITE / COLLAB_ADD_COLLABORATOR, SHARED_LINK_CREATED / ITEM_SHARED_CREATE, and DOWNLOAD / PREVIEW.

Args: event_types: Comma-separated Box event_type filter (empty = all types). since_hours: Look-back window in hours (default 24). limit: Max events to return in this page (default 100). stream_position: Continue a previous page by passing back the next_stream_position from the prior call (empty = first page). Box caps a single page at 500, so manual paging is needed to walk a busy window — or use external_access_events which pages for you.

external_access_eventsA

Surface external file access (DOWNLOAD / PREVIEW) from enterprise admin_logs.

Enterprise-wide (events stream): over the window, flags each access whose actor (created_by.login) is outside the org domain allowlist — an external party, or an anonymous open-link visitor (no login) — and whether it came via a shared link. Aggregates to the top externally-accessed files and the top external accessors, so an admin can spot unusual outbound data pulls.

Args: since_hours: Look-back window in hours (default 24). max_events: Cap on DOWNLOAD/PREVIEW events scanned (default 5000); the result's capped flag is true when more existed (never silently truncated). top: How many top files / accessors to return (default 20). created_by_logins: Comma-separated accessor logins to trace (empty = all). When set, switches to DLP-tracing mode (see below).

Returns window_hours, events_scanned, capped, external_access_count, via_shared_link, top_external_accessors (login + count + bytes), and top_externally_accessed_files (item id/name/ owner + external-access count). On failure returns {"error": ...} (incl. needs-login for an expired OAuth session).

Notes:

  • via_shared_link counts ALL scanned accesses that went through a shared link (internal and external), not just external ones.

  • Events are scanned oldest-first from the window start. When capped is true the aggregates reflect only the scanned (earliest) slice, NOT the full window — raise max_events for a complete picture.

  • DLP tracing (created_by_logins set): scans up to the wider of max_events and 50000 events (the accessor may sit anywhere in the window) but keeps only that accessor's events, so the answer to "which files did this account pull" is exact and bounded. The result reports events_matched (not events_scanned — this mode doesn't track the scanned total; judge coverage by capped), filtered_logins and matched_events (per access: item id/name, owner, size bytes+GB, created_at, event_type, accessor, via_shared_link); the aggregate is scoped to the filtered accessor(s). capped true means the window was not fully scanned (raise max_events).

external_collaboratorsA

List external collaborators on Box folders (current state, enumeration).

Walks folders the authenticating co-admin user can see (default from the root "All Files") and reports collaborations whose collaborator is outside the org domain allowlist — accepted external users or pending external invites. Useful to review who outside the organization has standing access.

Args: root_folder_id: Folder to start from ("0" = the user's root). max_folders: Cap on folders visited (default 150); capped discloses when coverage was cut short. max_depth: Folder recursion depth (default 1 = top-level folders only).

Coverage note: limited to content the co-admin user can access (not provably 100% of the enterprise) and to the depth/folders caps. Returns folders_scanned, capped, count, and external_collaborators (folder, owner, collaborator, role, status, expires_at). On failure returns {"error": ...}.

public_shared_linksA

List items with an open ("anyone with the link") shared link (enumeration).

Walks folders the authenticating co-admin user can see and reports files and folders whose shared link access is open — reachable by anyone with the URL, the highest-exposure sharing mode.

Args: root_folder_id: Folder to start from ("0" = the user's root). max_folders: Cap on folders visited (default 150); capped discloses truncation. max_depth: Folder recursion depth (default 1 = top-level only; raise to reach file links inside folders).

Coverage note: limited to content the co-admin user can access and to the caps. Returns folders_scanned, capped, count, and public_shared_links (item type/id/name, owner, access, can_download). On failure returns {"error": ...}.

top_external_sharersA

Rank internal owners by their external exposure (enumeration).

One traversal (same as external_collaborators / public_shared_links), then ranks internal file/folder owners by how much external exposure they hold: external collaborations + open shared links on content they own. Surfaces the people whose content is most exposed outside the organization.

Args: root_folder_id / max_folders / max_depth: traversal bounds (see external_collaborators). top: How many owners to return (default 20).

Coverage note: limited to the co-admin user's visible content and the caps. Returns folders_scanned, capped, and top_external_sharers (owner, external_collaborations, public_links, total). On failure {"error": ...}.

daily_briefA

Morning DLP brief: external access (events) + external-sharing state (enumeration).

One call that combines:

  • access (enterprise-wide, events): external DOWNLOAD/PREVIEW in the last since_hours, with top external accessors and top externally-accessed files.

  • exposure (co-admin visible folders, enumeration): current external collaborations, open ("anyone with the link") shared links, and the owners most externally exposed.

Reuses the cached folder scan, so calling this alongside the other enumeration tools doesn't re-walk. Args mirror the underlying tools; top defaults to 5 for a compact summary. Coverage/caps caveats are the same (capped flags + enumeration limited to the co-admin's visible content). On failure returns {"error": ...}.

Prompts

Interactive templates invoked by user choice

NameDescription

No prompts

Resources

Contextual data attached and managed by the client

NameDescription

No resources

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/shigechika/boxadm-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server