My company has a very strictly controlled access policy to Box. Not all users with email addresses in our verified domains for box are allowed to use it. It is controlled by an SSO login with specific user access defined to Box. Recently, I have seen when members of our organization receive a Box Sign request from an external source these users, who should not be allowed access to our Box instance are auto-enrolled as a managed user. This happens I assume because the domain of their email address matches the verified domain my Company uses for Box.
We do not want this to occur. When it happens I must remove these users manually after I get notified of the new unauthorized addition to the managed user count.
How do we stop this from happening?
Question
Restricting auto-enrolls for users with externally generated Box Sign requests
Hi
Welcome to Box Community, and we’re here to help prevent the automatic user creation.
As a Box Administrator you can turn off the Auto-Enrollment setting:
- Open Admin Console.
- Go to the settings for your verified domain(s).
- Find the auto-enrollment setting.
- Turn auto-enrollment off for the affected domain.
What it’s in it:
- If a recipient of an externally sent Box Sign request uses an email address that matches your verified domain, Box may treat that person as eligible for managed-user enrollment because of the domain-level auto-enrollment rule.
- Disabling that domain auto-enrollment prevents those users from being automatically added as managed users.
You could test it out if you have time and see if that would resolve your query.
Hope it helps! Please don’t hesitate to reply back if you need additional assistance.
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.