Box Approval-Gated File Publishing
When a file lands in a Box review folder, the flow starts a Teams/Outlook approval; on approval it moves the file to a published folder and applies a shared link, and on rejection moves it to rework with comments. Adds a governed review gate to Box publishing.
Provided as-is, without warranty of any kind. Review and test each pattern in a non-production environment before deploying it to live automations. See our Terms.
Overview
This flow adds a governed review gate to Box publishing. When a new file lands in a Box review folder, it starts a Basic (Approve/Reject) approval routed to a reviewer via Teams and Outlook. On approval it copies the file to the published folder, applies a Box shared link, deletes the original (completing a move), and posts a confirmation to Teams. On rejection it moves the file to a rework folder and notifies Teams with the reviewer's comments.
Why it matters: content shouldn't go live unreviewed. An approval gate over Box folders enforces sign-off with an audit trail, and routes rejected drafts back for rework automatically.
Ships Off (demo).
Use Case
A content or operations team drafts in Box and needs approval before files are published or shared externally. This flow watches the review folder, gates each new file behind an approval, and routes the file to the right destination based on the decision - keeping all activity visible in Teams.
Flow Architecture
When a File Is Added to the Review Folder
Box - OnNewFilesV2Fires once per new draft file in the Box review folder (batch, properties-only, splitOn).
Initialize Config
Initialize variableSets the published/rework folder paths, approver email, Teams group/channel ids, Box access token, and the shared-link access scope (default company).
Start Publishing Approval
Approvals - StartAndWaitForAnApprovalRoutes an Approve/Reject (Basic) approval to the reviewer and waits.
Check Approval Outcome
ConditionBranches on outcome == Approve.
Approved branch
Box CopyFile/DeleteFile + HTTP + TeamsCopies the file to the published folder, applies a Box shared link via built-in HTTP PUT (Box has no shared-link op), deletes the original, and posts a confirmation to Teams.
Rejected branch
Box CopyFile/DeleteFile + TeamsCopies the file to the rework folder, deletes the original, and notifies Teams with the reviewer's comments.
Environment Variables
| Schema name | Type | Default | Description |
|---|---|---|---|
| flowlibs_ReviewFolderId | String | 0 | Box folder ID watched by the trigger for new drafts. |
| flowlibs_PublishedFolderId | String | 0 | Box destination path for approved files. |
| flowlibs_ReworkFolderId | String | 0 | Box destination path for rejected files. |
| flowlibs_ApproverEmail | String | reviewer@contoso.com | Reviewer email for the approval assignee. |
| flowlibs_TeamsGroupId | String | <your-team-id> | Teams team (group) id for notifications. |
| flowlibs_TeamsChannelId | String | <your-channel-id> | Teams channel id for notifications. |
| flowlibs_BoxAccessToken | String | REPLACE_WITH_KEYVAULT_REF | Box OAuth bearer token for the shared-link HTTP call - back with Azure Key Vault in production. |
Connectors & Connections
| Connector | API name | Actions used |
|---|---|---|
| Box | shared_box | OnNewFilesV2 CopyFile DeleteFile |
| Approvals | shared_approvals | StartAndWaitForAnApproval |
| Microsoft Teams | shared_teams | PostMessageToConversation |
| HTTP | shared_http | PUT /2.0/files/{id} |
Note — All connections are referenced as solution connection references; the flow is portable between environments as long as a connection is mapped at import time.
Customization Guide
Almost every realistic variant of this flow can be implemented by changing environment variable values. A few cases require small edits inside the flow definition — those are called out explicitly below.
- Multi-reviewer approval
- Switch StartAndWaitForAnApproval to a Custom / Everyone must approve type for sign-off from multiple reviewers.
- Shared-link scope & expiry
- Change varSharedLinkAccess (open / company / collaborators); extend the HTTP body with unshared_at for an expiring link.
- Watermark / stamp
- Add a step to stamp or watermark approved files before publishing.
- Metadata write-back
- Record the approval outcome, approver, and timestamp to a Box metadata template or a Dataverse log table for full audit history.
- Filter by file type
- Add a Condition after the trigger to gate only certain extensions.
Key Expressions
The flow is intentionally light on Power Fx / WDL gymnastics — the heaviest expressions are the branch-name concatenation and the approval outcome check. They are listed below in the order they appear in the flow.
EXPR.01Approved test
Branches publish vs rework.
EXPR.02Destination path
Published path for approved files.
EXPR.03Reviewer comments
Captured for the rejection notice.
EXPR.04Shared-link HTTP auth header
Bearer header for the Box REST call.
Comments
Sign in to join the conversation.
Sign inNo comments yet. Be the first to share your experience with this flow.