Skip to main content

Hi all.

We manage about 300 users in the organization.
We log in to BOX DRIVE using SSO for the corporate Microsoft user.
Last month, we discovered that a user who was logged out of ENTRA and we performed a REVOKE SESSION on him but remained active in the BOX interface still accessed files in the system, downloaded them, and was also able to edit them.
I would love to know how this happens and also if it is possible to do a REVOKE SESSION to BOX itself without going through Microsoft.
When I log in to the system's management interface, it appears that there are no devices associated with this user.
Thanks in advance.

Hi ​@shmuelbass

Welcome to Box Community, and we’re glad to help!

To get a closer look, I’ve submitted a new case and someone from Box Product Support team will reach out to you through email. Please keep an eye out and we will be in touch. 

 

Thanks for posting, and we hope to get this sorted out very soon! 

Reply


Terms & ConditionsCookie settings