Hello,We are currently piloting Box AI and have temporarily promoted a user to co-admin in order to allow them to create and manage Box AI Agents. However, we’ve encountered a concern: granting admin access also gives the user visibility into File Requests across the organization, which we would like to restrict for confidentiality reasons.We’re looking for one of the following solutions: Allow AI Agents to be created or modified by another user so we can delegate Box AI work without granting elevated admin privileges. OR Provide a way to remove or hide the File Request tab for a specific admin or role, while still allowing access to Box AI agent creation and management. Can you confirm whether either of these options is currently possible? If not, are there plans to support more granular permissions for AI and File Request visibility in the near future?

Question

Promoting a user to create AI Agents

Forum|Forum|7 months ago
May 1, 2025
3 replies
79 views

rcjreggio
Participating Frequently

Hello,

We are currently piloting Box AI and have temporarily promoted a user to co-admin in order to allow them to create and manage Box AI Agents. However, we’ve encountered a concern: granting admin access also gives the user visibility into File Requests across the organization, which we would like to restrict for confidentiality reasons.

We’re looking for one of the following solutions:

Allow AI Agents to be created or modified by another user so we can delegate Box AI work without granting elevated admin privileges.

OR

Provide a way to remove or hide the File Request tab for a specific admin or role, while still allowing access to Box AI agent creation and management.

Can you confirm whether either of these options is currently possible? If not, are there plans to support more granular permissions for AI and File Request visibility in the near future?

Jey Bueno Box
Community Manager
Forum|Forum|7 months ago
May 2, 2025

👋 Hi @rcjreggio, welcome back to the Box Community!

One of our support team members tried to reproduce the issue you encountered, and it’s likely a bug. According to our support staff, when they checked this on their end, a co-admin ONLY HAS ACCESS TO AI STUDIO. However, when logged in with that user account and accessing the Admin Console, the co-admin can see both AI Studio and Content, which allows them to modify or delete File Requests.

To clarify, the co-admin cannot view the data associated with the File Request, but they do seem to have the ability to modify or delete the File Request.

For further investigation into this behavior, please submit a support ticket to our Product Support team.

We look forward to having this resolved soon. 🙌

R

Like

R

rcjreggio
Author
Participating Frequently
Forum|Forum|7 months ago
May 2, 2025

Thanks, @Jey Bueno, I appreciate the detailed reply.

It’s helpful to know that this may be unintended behavior. To clarify our concern: while the co-admin cannot see the actual contents submitted via File Requests, the visibility and ability to delete or modify those File Requests still pose a confidentiality risk for our organization.

We’ll go ahead and open a support case with Box as you recommended to help further investigate this.

Thanks again for looking into this.

Like

Jey Bueno Box
Community Manager
Forum|Forum|7 months ago
May 2, 2025

You’re most welcome, @rcjreggio. I completely agree 💯. Of course, it’s always a part of the organization’s security strategy to assign specific and/or limited permissions and access to end-users based on their role or the areas they need to access and modify. We appreciate you raising this issue.

I can confirm that you’re able to submit a ticket. Please continue working with our Product Support team to resolve this concern.

As always, feel free to reach out if you have any other questions or concerns that we can assist with. 💙

Like

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded