This site was built to compliment the existing NetSuite Professionals Slack Community by adding a means for members to easily find answers to common questions and to create a searchable database of those questions and answers.

NetSuite Professionals

If I check the "DISABLE HMAC-SHA1 FOR TOKEN-BASED AUTHENTICATION" box in my enable features, does it inevitably enforces the use of HMAC-SHA256 or allowing also less-secure methods? thanks a lot

I think NetSuite deprecated the use of SHA1 in 2021.1
And before that the deprecated the creation of new integrations with username and password authentication

The default now is SHA256

```As of 2021.1, it is no longer possible to start using the HMAC-SHA1 signature method for Token-based
Authentication (TBA). If you are actively using the HMAC-SHA1 signature method in your account, you
can continue using it currently, but you must stop using it before your account is upgraded to NetSuite
2022.1. You should use the HMAC-SHA256 signature method to create new solutions for use with TBA.
You also should update your existing solutions to use HMAC-SHA256 as soon as possible.```
<https://nlcorp.customer.netsuite.com/core/media/media.nl?id=307636122&amp;c=NLCORP&amp;h=AP5bK5vznbtX-bj_QudtmSDLY7zNr8Oc-MkFlyAJJJev_SR0&amp;_xt=.pdf&amp;_od=aHR0cHM6Ly9ubGNvcnAuYXBwLm5ldHN1aXRlLmNvbQ**|https://nlcorp.customer.netsuite.com/core/media/media.nl?id=307636122&amp;c=NLCORP&amp;h=AP5bK5vznb[…]=.pdf&amp;_od=aHR0cHM6Ly9ubGNvcnAuYXBwLm5ldHN1aXRlLmNvbQ**>

Page 19