You can add two types of email accounts to your Boxer application – Managed account and Unmanaged account. Your admin configures the managed accounts and the personal email account that you configure are the unmanaged accounts. Learn how to add and configure these accounts.
Access your Managed Account
Sign in to your managed account in Workspace ONE Boxer.
Before you begin, make sure that you have enrolled your device with Workspace ONE through Workspace ONE Intelligent Hub.
- Sign in to your managed account.
- Tap Continue to access your emails.
Add Unmanaged Email Accounts
- Enter a valid email address.
If you type an invalid email address, you receive an error message.
- Select one of the two options - Add account or Manual Setup.
- Tap Add account.
Workspace ONE Boxer attempts to determine the account type based on the email domain.
- If the account type is determined, you can enter the password for the account in the Workspace ONE Boxer interface.
- After password submission, Boxer verifies the credentials with a relevant server for validation. If validated, the account gets added to Boxer, and you are navigated to Boxer's mail view.
- If the account type is not determined, add an account manually through the Manual Setup option.
- Tap Manual Setup to view the list of available account types.
- Select the required account type from the list. The selected account type determines the screen to be displayed next.
- If you select Outlook, the relevant web view is presented to enter your email address and password for authentication. Upon Outlook server authentication, server requests you to grant permission to access their account. If agreed, the account gets added to Workspace ONE Boxer.
- If you select any other account, you are required to enter the password for that account in the Boxer interface. After submitting the password, Boxer verifies the credentials with the relevant server for validation. If validated, the account gets added to Workspace ONE Boxer.
- If you select Exchange and Other as the account type, you must provide additional information for account setup if your password is incorrect or cannot be verified. Further setup details include details about the incoming and outgoing servers.
- You can also add multiple accounts in Workspace ONE Boxer. To do this, navigate to .
Use Single Sign-On (SSO) Passcode to Access Workspace One Boxer
Single sign-on (SSO) is a user authentication service that allows you to use a set of login credentials to access the Boxer application.
If configured by your administrator, you are prompted to create the SSO passcode. You can use this passcode only if your admin enables the SSO functionality using Workspace ONE Intelligent Hub.
If you have forgotten the passcode, you are provided with options to sign in either with a user name and password or a token depending on the settings configured by your administrator.How to Set Up an Application Passcode
If your admin has configured to authenticate Boxer using a passcode or user name and password with SSO deactivated, you must create an application-level passcode. While accessing Workspace ONE Boxer for the first time, you are prompted to set up the application passcode. You can use the same passcode on subsequent launches.
Use PIV-D Manager to Enroll into Workspace ONE Boxer
- Enroll your device using Workspace ONE Intelligent Hub.
- Install Workspace ONE PIV-D Manager on your device. If you are enrolling into Boxer without installing the PIV-D Manager, you are prompted to download the application to continue the enrollment.
- Enter the enrollment credentials and select Next. The message Credentials Activation appears.
- After the verification of the credentials, Workspace ONE Boxer is launched.
Protect your Emails Using Azure Information Protection (AIP) Sensitivity Labels
You work with people outside or within the organization to meet your business needs. Usually, you exchange data or share confidential information with your colleagues through emails, making your data vulnerable and accessible to all. You must therefore monitor who can see your data and who can modify it. Workspace ONE Boxer gives you the ability to do so. With Azure Information Protection (AIP) Sensitivity labels, you can protect your emails and secure your organization's data without the compromising the productivity and employee collaboration.
Learn how to configure, apply, and modify the sensitivity levels.
Configure Azure Information Protection (AIP) Sensitivity Labels in Workspace ONE Boxer
- To enable the sensitivity labels in Workspace ONE Boxer, tap the Enable option in the banner displayed on the inbox screen.
- If you have multiple managed accounts and you are on All Accounts screen, you must select an account for which you want to enable the sensitivity labels. When you have a single managed account, you are directly redirected to the Microsoft page, where you have to consent manually.
- Tap Accept on the Microsoft page and consent manually.
After receiving the consent, Boxer fetches all the labels from Azure. You can apply these labels to your emails and also receive emails with labels.
- To update the older emails with sensitivity labels, you can resynchronize Boxer.
Even if you do not receive the consent, you can still access the emails, but you cannot apply any restrictions and classification to the email content.
Apply Azure Information Protection (AIP) Sensitivity labels to Emails
You can apply a sensitivity label when you compose a new email, reply, or forward a received email. To apply a label on your email, you must tap the label icon. Upon tapping, you can see a list of all the labels configured in Azure.
- You cannot select the parent labels. You can only select the child labels.
- If the default label functionality is enabled in Azure, you can see that the label has already been applied to the list.
- When you apply a label to an email, you can see the following things in the email body:
- Snackbar to confirm that you have applied a label.
- The label icon turns red.
- A solid red line appears under the subject of the email.
Receiving Emails with Azure Information Protection (AIP) Sensitivity Labels
When you receive an email with an applied sensitivity label, you can see the name of the applied label and a label icon marked in red. You can also see the header and footer text if the label has the settings for it. The header and footer text that appears in the email body is according to the label settings in Azure.
Based on the settings of the label, sender can restrict you to perform actions such as Reply, Reply all, or Forward on the received email.
When you tap the label name, you can view the additional label details such as name, permissions, and restrictions applied on the received email. If the sender gives you the permission, you can also change the label of the received email. Sometimes you are asked to provide a valid reason for changing the label. The policy setting in Azure controls such requests.
You cannot access sensitivity labels in the cases where:
- Your admin has enabled the PolicySensitivityLabelsEmailClassification key in the Workspace ONE UEM console, but has not configured the sensitivity labels in Azure.
- The Boxer application fails to connect to the Azure server.
- When you receive an email with an already applied IRM template, then a default sensitivity label configured by the Azure admin is applied to that email. You can also apply the labels manually.
- If you receive an email with an applied sensitivity label, you can use a different sensitivity label if you are allowed to do so.
Combination of S/MIME and Sensitivity labels:
- When you receive a signed or encrypted email and you apply a sensitivity label to it, the signing or encryption level of protection is removed from that email.
- If you receive an email with an already applied sensitivity label, the label is removed automatically when you sign or encrypt that email.