Hi folks,
For those of you using the Box Postman advanced collection with JWT authentication, with a recently generated private key, you might be having error when the pre-request script tries to get a new access token.
The error in question is a malformed PCKS.
The reason behind this is that Box has updated the encryption method of the private key to something not supported by the JSRSASign v10.x.
The good news is that the new version of JSRSASign (v11.x) does support it.
While we fix the collection here is a quick fix:
- Download the JSRSASign from the CDN.
- Go to and select the Box Advanced collection
- Replace the content of the variable libJSRSASign with the content from the CDN link above.
Remember to Save!!!
Your all set.
We’ll update the collection in Postman shortly.