REST API's, JSON Web Tokens & Hash Algorithms

Bleiler, Timothy bleiler at
Wed Nov 13 09:39:19 EST 2019

Thanks Mark,

I have the Box account set up correctly and I can test things using the command line SDK provided by Box.
Now I have to figure out the authorization process and how to construct the token in Livecode. 
I haven’t done anything like this before so it’s a slow process. I appreciate your help.


> On Nov 12, 2019, at 5:06 PM, Mark Wieder via use-livecode <use-livecode at> wrote:
> On 11/12/19 6:23 AM, Bleiler, Timothy via use-livecode wrote:
>> Hi,
>> I’ve seen some great presentations in the last few years from the conferences and Livecode Global sessions using Livecode to access REST API’s from web services, so I’m hoping someone can help me out here.
>> I need to access a web service (<>) from my Livecode app using JSON web tokens.
>> The service  documentation states that they only support RS256, RS384, and RS512 for hashing the signature in the token. Unfortunately, in the 139 options and variations listed by the Livecode CipherNames function I don’t see these.
>> Have I missed or misunderstood something or am I out of luck for using Livecode for this task?
> Box integration has been on my back burner for a while now, so I'll be very much interested in what you come up with here.
> Are you referring to the authorization step for the Box api?
> If so, this might help... this should be a one-time thing, so I would just do this once at the command line by hand and then grab the existing key with LiveCode.
> ssh-keygen -t rsa -b 4096 -m PEM -f jwtRS256.key
> openssl rsa -in jwtRS256.key -pubout -outform PEM -out
> That will give you both the private and public keys to pass to the Box api.
> -- 
> Mark Wieder
> ahsoftware at
> _______________________________________________
> use-livecode mailing list
> use-livecode at
> Please visit this url to subscribe, unsubscribe and manage your subscription preferences:

More information about the use-livecode mailing list