Skip to end of metadata
Go to start of metadata

Summary

NetSuite has recently announced important changes to token-based authentication (TBA) with the removal of the HMAC-SHA1 signature algorithm.

The HMAC-SHA1 signature algorithm will be deprecated as a valid signature method for TBA as of these versions:

  • Non-Production Accounts: NetSuite version 2021.2 and later
  • Production Accounts: NetSuite version 2022.1 and later

The deprecation of HMAC-SHA1 is independent of which WSDL version you specify in the configuration of the Jitterbit Harmony NetSuite endpoint.

As NetSuite will no longer support HMAC-SHA1, you must change any Jitterbit Harmony projects that are presently using HMAC-SHA1 as the signature algorithm to use HMAC-SHA256 instead as soon as possible to avoid issues with those integrations.

Key Dates

Below is a summary of the key dates by NetSuite to be aware of:

Key DateEvent
July 21, 2021Start of upgrade of SuiteCloud Developer Network (SDN) leading accounts to NetSuite version 2021.2.
July 30, 2021End of the upgrade of SDN leading accounts to NetSuite version 2021.2. The HMAC-SHA1 signature stopped working permanently on all SDN accounts.
Mid to late August, 2021Start of the test window for customer production accounts, during which HMAC-SHA1 will stop working for 6 hours per region.
Spring 2022As customer production accounts are upgraded to NetSuite version 2022.1, HMAC-SHA1 will permanently stop working.

Required Changes

Changes are required if a project is currently using HMAC-SHA1 as the signature algorithm for communication with NetSuite. Instructions are provided below for projects using the Cloud Studio NetSuite Connector or the Design Studio NetSuite Connector. If a project connects to NetSuite using a method other than one of our NetSuite connectors and you need assistance updating the signature algorithm, contact Jitterbit Support.

If a project is already using HMAC-SHA256 as the signature algorithm, no changes are required.

Cloud Studio

To verify the signature algorithm in use by the Cloud Studio NetSuite Connector and to make the required changes, if necessary, follow these steps:

  1. Access Cloud Studio through the Jitterbit Harmony Portal at https://login.jitterbit.com.
  2. Open each project using the Cloud Studio NetSuite Connector.
  3. Open each NetSuite connection and locate the field Signature Algorithm. If the selection shows HMAC-SHA256, no changes are necessary. If the selection shows HMAC-SHA1, use the dropdown to change the signature algorithm to HMAC-SHA256:

  4. Test, save, and redeploy each NetSuite connection where the signature algorithm was updated.

Design Studio

To verify the signature algorithm in use by the Design Studio NetSuite Connector and to make the required changes, if necessary, follow these steps:

  1. In the Design Studio application, open each project using the Design Studio NetSuite Connector.
  2. Open each NetSuite Endpoint and locate the field Signature Algorithm. If the selection shows HMAC-SHA256, no changes are necessary. If the selection shows HMAC-SHA1, use the dropdown to change the signature algorithm to HMAC-SHA256:

  3. Test, save, and redeploy each NetSuite Endpoint where the signature algorithm was updated.

If Required Changes Are Not Made

If a Jitterbit Harmony project is still using HMAC-SHA1 when NetSuite deprecates that signature method for your NetSuite account, the integration will stop working.

An error similar to that shown below will occur when you test the endpoint or run an operation using HMAC-SHA1:

<?xml version=“1.0” encoding=“utf-8"?>
<soapenv:Envelope
	xmlns:soapenv=“http://schemas.xmlsoap.org/soap/envelope/”
	xmlns:xsd=“http://www.w3.org/2001/XMLSchema”
	xmlns:xsi=“http://www.w3.org/2001/XMLSchema-instance”>
	<soapenv:Body>
		<soapenv:Fault>
			<faultcode>soapenv:Server.userException</faultcode>
			<faultstring>The request could not be understood by the server due to malformed syntax.</faultstring>
			<detail>
				<platformFaults:invalidCredentialsFault
					xmlns:platformFaults=“urn:faults_2019_2.platform.webservices.netsuite.com”>
					<platformFaults:code>USER_ERROR</platformFaults:code>
					<platformFaults:message>The request could not be understood by the server due to malformed syntax.</platformFaults:message>
				</platformFaults:invalidCredentialsFault>
				<ns1:hostname
					xmlns:ns1=“http://xml.apache.org/axis/”>example123
				</ns1:hostname>
			</detail>
		</soapenv:Fault>
	</soapenv:Body>
</soapenv:Envelope>

To resolve the error and fix the integration, see Required Changes above to change the signature algorithm to HMAC-SHA256.

  • No labels