1. An agent/customer is not able to send a file as an attachment. How do we resolve this issue?
1. Using admin credentials, connect to the Agent Workspace.
2. Click the Settings icon (Gear icon) and navigate to the Privacy & Security module.
3. Click on the Media tab and select the option to upload files for the agents/customers.
4. Check the box of the desired file types enabled to be sent by the Agent Workspace and choose the maximum file size you wish to send.
5. Save the settings at the bottom corner of the screen.
Note: Specific channels can hold different media permissions. Update the Privacy & Security settings on each relevant channel.
2. How can I change my API key?
Please follow this comprehensive guide.
3. Why is the API key changing?
API Key Management
The API key itself is fixed and remains valid until a new one is issued.
For security, the API key is stored within a Secret that includes an expiration date component.
This expiration mechanism ensures that while the API key remains the same, the Secret changes daily, and expired Secrets are rejected by the system.
4. How can I see the actual API Key?
To extract and view the actual API Key embedded within the Secret:
Go to a JWT decoding website such as www.jwt.io .
Copy the API Key as it appears on the CommBox API settings page.
Paste the API Key (encrypted Secret) into the left-hand input window of the decoder.
In the decoded payload section (right-hand side), locate the field labeled
client_secret(highlighted in purple).The value shown here is the actual API Key.
5. How can the old and new API Keys work at the same time?
CommBox maintains a master list of all active API keys issued to clients. This system supports overlapping keys, ensuring continuity during key rotations. Once an API key reaches its expiration date, it is removed from the active list, and only valid keys remain operational.
6. What are CommBox Data backup and recovery policies?
CommBox ensures business continuity and data protection through robust backup and recovery processes:
Redundant Storage – All data is stored on two separate servers: a primary production server and a dedicated backup server, both hosted on the AWS server farm.
Retention Policy – Backups are securely maintained for up to two weeks.
Disaster Recovery – In the event of production server unavailability, the backup server retains the entire dataset, enabling seamless recovery with minimal disruption.
7. What are CommBox's encryption and data protection policies?
CommBox Encryption and Data Protection Policies
Encryption and Data Protection
CommBox ensures comprehensive data security by encrypting all data in transit using TLS 1.2+ and at rest using AES-256, providing end-to-end protection across the platform.
Access Controls and Authentication
The platform enforces role-based access control (RBAC) and supports modern authentication methods including Single Sign-On (SSO), Multi-Factor Authentication (MFA), and OAuth 2.0, ensuring secure access and authorization.
Regular Security Audits
CommBox undergoes ongoing third-party penetration tests and internal security audits, aligned with ISO 27001 standards, to maintain and continuously improve its security posture.
8. Do you have file size limit in the system?
The file upload limit in the system is 20 MB. Files larger than this may be blocked and fail to upload.
If the file you are trying to upload is within the size limit but still fails, the issue may be related to internal restrictions in your organization — such as infrastructure settings or information security policies — rather than a system error.
In such cases, we recommend contacting your IT team or your organization’s information security officer for further investigation.
You can limit the max allowed further (based on your organization's requirements) in the Privacy & Security module in the Media section.
