I’m actually curious how Boomi authenticates under the hood. If they aren’t using HMAC-SHA256, then nothing would work. And if they are, how hard would it be to share that with the HTTP Client?

They are using SHA256 for the NetSuite connector, however not for the HTTP Client Connector. We're using that to call Restlets.

Right, I understand that. I guess my confusion is that, both products are from the same company, so it doesn’t seem like it would be so hard for them to provide the same signature method from their HTTP Client connector as well. Of course I don’t know their business. Ultimately, it seems like a bad decision that could lose them customers and money. Sounds like an opportunity for a competitor to grab some of Boomi’s marketshare.

It's not the same company, they are just partners.

@Martin Horacek So, wait, are you saying Boomi’s HTTP Client Connector is provided by a different company (not Dell Boomi, but a separate partner they work with)? I guess that would explain why they may not be able to update it, perhaps the partner is refusing to do so. I am surprised that Boomi doesn’t just create their own HTTP Client Connector in house. As an integration platform, you would think they would want to have more control over their product. I have never used Boomi, so I have no idea how their different components work. I always had the impression they were a major vendor and therefore assumed they built most or all of their product themselves.

Sorry, I wasn't clear @scottvonduhn it is updated by Boomi, but it's not just used for NS. It's a generic HTTP Client connector and they just didn't need to update it's OAuth 1.0 implementation, because for other products other than NS you can use 2.0 without the need for manual intervention every 7 days.

I see. I guess Boomi needs to consider how important their NetSuite business is, since this is something many of their NS customers may need or would benefit from.