Discussions
Stay up-to-date with the latest news from NetSuite. You’ll be in the know about how to connect with peers and take your business to new heights at our virtual, in-person, on demand events, and much more.
Now is the time to ask your NetSuite-savvy friends and colleagues to join the NetSuite Support Community! Refer now! Click here to watch and learn more!
Update your Profile with your Support type to get your Support Type badge.
Uncover the power of data with the Analytics Hub —your ultimate guide to mastering NetSuite Saved Searches and Reports. Simplify the complex and unlock your organization's true potential. Dive into the Analytics Hub now and soar to new heights!
To help you get the most out of your 2025.2 Release Preview account, review the topics outlined in the 2025.2 Release Preview Guide.
Nominate Your Peers for NetSuite Support Community's Choice of the Quarter! Submit your nomination today.
Intelligent Payment Automation version 1.0.3 is now available in the SuiteApp Marketplace. The SuiteApp, powered by BILL, lets you automate payments, manage vendor details, and bank account information within NetSuite. Learn more

SuiteQL HMAC-SHA256 signature

edited Jun 2, 2025 2:24PM in Ask A Guru 6 comments

Hi. I'm working on c# SuiteQL rest application. Recently we've got error, that we need to change signature from HMAC-SHA1 to HMAC-SHA256.

Currently, we are using for creating signature Google api - OAuthBase.GenerateSignature. But, this method can't create HMAC-SHA256.

I've been looking through many different solutions, how to create signature manually, but all of them doesn't allow me to create request to NetSuite, i've got "InvalidSignature" error.

This is my current code:

//Creating signature and header
var signature = GenerateSignature(consumerKey,ConfigurationManager.AppSettings["login.tbaConsumerSecret"], ConfigurationManager.AppSettings["login.tbaTokenSecret"],nonce,time,                    tokenId, ConfigurationManager.AppSettings["login.acct"]).Replace("+", "%2B");

var header = $"Authorization: OAuth oauth_signature=\"{signature}\", oauth_version=\"1.0\", oauth_nonce=\"{nonce}\", oauth_signature_method=\"HMAC-SHA256\", oauth_consumer_key=\"{consumerKey}\", oauth_token=\"{tokenId}\",oauth_timestamp=\"{time}\", realm=\"{ConfigurationManager.AppSettings["login.acct"]}\"";
//Generating signature
private static string GenerateSignature(string consumerKey, string consumerSecret, string tokenSecret, string nonce, string timestamp, string token, string acct)
        {
            var baseString = $"{acct}&{consumerKey}&{token}&{nonce}&{timestamp}";
            var key = consumerSecret + "&" + tokenSecret;
            string signature;
            var encoding = new ASCIIEncoding();
            var keyBytes = encoding.GetBytes(key);
            var baseStringBytes = encoding.GetBytes(baseString);
            using (var hmacSha = new HMACSHA256(keyBytes))
            {
                var hashBaseString = hmacSha.ComputeHash(baseStringBytes);
                signature = Convert.ToBase64String(hashBaseString);
            }
            return signature;
        }
Tagged:

Howdy, Stranger!

Log In

To view full details, sign in.

Register

Don't have an account? Click here to get started!

Leaderboard

Community Whiz

Quarter 4 (Oct-Dec 2025)

This Week's Leaders

This Month's Leaders

All Time Leaders