SaaS API and Box app Integration failed due reason “Invalid Credentials” and “Access from IP not allowed”
302
Created On 10/31/22 19:00 PM - Last Modified 11/12/25 23:42 PM
Symptom
The integration "SaaS Security API and Box cloud app failed". Admin who did the integration was rendered with a pop-up “Invalid Credentials” and “Access from IP not allowed”
Environment
A working cloud service environment (SaaS Security API and Box app):
- A Chrome browser is recommended. The integration can be tried on other browsers (regular or incognito mode of Safari or Mozilla Firefox).
- A fully provisioned SaaS Security API with a Super Admin permission
- A service account on Box app an ADMIN with highest permissions
Cause
SaaS Security API validates Admin permissions towards a successful integration and to access Box app assets. This issue may occur due to one or more issues of attributes that are used during integration which uses oAuth communication
- A service account is less privileged than ADMIN account. Example “CO-ADMIN” or “GROUP ADMIN”
- A customer or cloud app infrastructure firewall blocking SaaS Security API infrastructure IP
Resolution
By normalizing service accounts and allowing infrastructure IPs within Customer/Cloud app infrastructure firewalls will resolve the issue. Here are some examples documentation to fix the issue.
Ensure the service account is an ADMIN with all permissions including developers and SSO edition as documented Make sure that the service account on SaaS Security API is a Super Admin. The following Geo specific list of IPs need to be in “allow-list” of infrastructure firewall