Hello I'm having a #CFG7DNCM9 issue: I have a SOAP request using TBA that is returning a 500 - 'Invalid login attempt' , investigating I can see this is due to an InvalidSignature. Does anyone have any tips to resolve? The request/signature is as follows (from postman): let baseString = `${account}&${consumerKey}&${tokenId}&${nonce}&${timestamp}`; let key = `${consumerSecret}&${tokenSecret}`; let signature = CryptoJS.HmacSHA256(baseString, key).*toString*(CryptoJS.enc.Base64); pm.environment.*set*("signature", signature); <tokenPassport xmlns="urn:messages_2018_1.platform.webservices.netsuite.com"> <account xmlns="urn:core_2018_1.platform.webservices.netsuite.com">{{account}}</account> <consumerKey xmlns="urn:core_2018_1.platform.webservices.netsuite.com">{{consumerKey}}</consumerKey> <token xmlns="urn:core_2018_1.platform.webservices.netsuite.com">{{tokenId}}</token> <nonce xmlns="urn:core_2018_1.platform.webservices.netsuite.com">{{nonce}}</nonce> <timestamp xmlns="urn:core_2018_1.platform.webservices.netsuite.com">{{timestamp}}</timestamp> <signature algorithm="HMAC-SHA256" xmlns="urn:core_2018_1.platform.webservices.netsuite.com">{{signature}}</signature> </tokenPassport> Additionally - the option in this article /app/help/helpcenter.nl?fid=section_162817229844.html is NOT checked (so I should be able to use HMAC-1) however that returns a 500 'The request could not be understood by the server due to malformed syntax.' - I don't think this is directly related but is another method that does not work. CryptoJS docs: https://cryptojs.gitbook.io/docs/ Thanks in advance for any assistance :)

make sure your environmental variables have valid values

Thank you @battk ..my account key was wrong.. didn't realize it was case sensitive.

@battk is their HelpCenter example there actually correct? I tried running equivalent code in a Java online sandbox, but did not get the documented signature (Gets: FCghIZqXNetuZY8ILWOFH0ucdfzQOmAuL+q+kF21zPs= for sanity check, future ref for anyone)

that is disappointing, it is wrong