You definitely need the -----BEGIN RSA PRIVATE KEY----- and -----END RSA PRIVATE KEY----- in the API Connector “Private Key” box, it will return a “no start line” error without them. I also had to copy/paste the string into Notepad, then back into the “Private Key” box to get it to move past “no start line”, it seems a little buggy. I agree that the wording is confusing and needs to be updated.
I gave up on this method and am now using AWS, Zapier, a simple PSQL database, and the SQL DB Connector plugin to get around the Box authentication issue since I wasn’t getting any answers. I recommend anyone running into these problems to do the same, it’s pretty straightforward and only took me an hour or two to setup, compared to the several hours I spent racking my brain on the authentication. Feel free to reach out to me here if you need any help, I wouldn’t want anyone to go through the same painstaking process I did without any help.
The Access token end-point should be provided by the service providing authentication, it’s the URL for making the token exchange. Box’s was https://api.box.com/oauth2/token (taken from here)
Also, here is a very helpful Bubble post walking through the AWS setup.