NetSuite has recently announced important changes to token-based authentication (TBA) with the removal of the HMAC-SHA1 signature algorithm.
The HMAC-SHA1 signature algorithm will be deprecated as a valid signature method for TBA as of these versions:
- Non-Production Accounts: NetSuite version 2021.2 and later
- Production Accounts: NetSuite version 2022.1 and later
The deprecation of HMAC-SHA1 is independent of which WSDL version you specify in the configuration of the Jitterbit Harmony NetSuite endpoint.
As NetSuite will no longer support HMAC-SHA1, you must change any Jitterbit Harmony projects that are presently using HMAC-SHA1 as the signature algorithm to use HMAC-SHA256 instead as soon as possible to avoid issues with those integrations.
Below is a summary of the key dates by NetSuite to be aware of:
|July 21, 2021||Start of upgrade of SuiteCloud Developer Network (SDN) leading accounts to NetSuite version 2021.2.|
|July 30, 2021||End of the upgrade of SDN leading accounts to NetSuite version 2021.2. The HMAC-SHA1 signature stopped working permanently on all SDN accounts.|
|Mid to late August, 2021||Start of the test window for customer production accounts, during which HMAC-SHA1 will stop working for 6 hours per region.|
|Spring 2022||As customer production accounts are upgraded to NetSuite version 2022.1, HMAC-SHA1 will permanently stop working.|
Changes are required if a project is currently using HMAC-SHA1 as the signature algorithm for communication with NetSuite. Instructions are provided below for projects using the Cloud Studio NetSuite Connector or the Design Studio NetSuite Connector. If a project connects to NetSuite using a method other than one of our NetSuite connectors and you need assistance updating the signature algorithm, contact Jitterbit Support.
If a project is already using HMAC-SHA256 as the signature algorithm, no changes are required.
To verify the signature algorithm in use by the Cloud Studio NetSuite Connector and to make the required changes, if necessary, follow these steps:
- Access Cloud Studio through the Jitterbit Harmony Portal at https://login.jitterbit.com.
- Open each project using the Cloud Studio NetSuite Connector.
- Open each NetSuite connection and locate the field Signature Algorithm. If the selection shows HMAC-SHA256, no changes are necessary. If the selection shows HMAC-SHA1, use the dropdown to change the signature algorithm to HMAC-SHA256:
- Test, save, and redeploy each NetSuite connection where the signature algorithm was updated.
To verify the signature algorithm in use by the Design Studio NetSuite Connector and to make the required changes, if necessary, follow these steps:
- In the Design Studio application, open each project using the Design Studio NetSuite Connector.
- Open each NetSuite Endpoint and locate the field Signature Algorithm. If the selection shows HMAC-SHA256, no changes are necessary. If the selection shows HMAC-SHA1, use the dropdown to change the signature algorithm to HMAC-SHA256:
- Test, save, and redeploy each NetSuite Endpoint where the signature algorithm was updated.
If Required Changes Are Not Made
If a Jitterbit Harmony project is still using HMAC-SHA1 when NetSuite deprecates that signature method for your NetSuite account, the integration will stop working.
An error similar to that shown below will occur when you test the endpoint or run an operation using HMAC-SHA1:
To resolve the error and fix the integration, see Required Changes above to change the signature algorithm to HMAC-SHA256.