Required Parameters for Creating the Token Password

The token password is an authentication string that has a limitation of approximately 500 characters. The string includes a concatenation of parameters with the ampersand character (&) as the delimiter. The values of the required parameters are arranged as follows:

<account-id>&<consumer-key>&<token-key>&<nonce>&<timestamp>&<signature>&<signature-algorithm>

Parameter	Description
Base string	The base string is the variable created from concatenating a series of values, with an ampersand as a delimiter between values. The values are arranged in the following sequence: Account ID – Your NetSuite account ID. You can find this value on the SuiteAnalytics Connect Driver Download Page under Your Configuration. For more information, see Connection Attributes. Consumer key – The consumer key for the integration record. This string was created when you created the integration record. For more information, see Requirements for Using Token-based Authentication in Connect. Token key – This is a string identifier or an ID of a token that represents a unique combination of a user, a role, and an integration record. For more information about how to obtain a token key, see Manage TBA Tokens in the NetSuite UI. Nonce – This field should hold a unique, randomly generated alphanumeric string of 6–64 characters. Timestamp – This field should hold a current timestamp in Unix format. All parameters for creating the base string use the percent encoding. For more information about percent encoding, see https://tools.ietf.org/html/rfc5849#section-3.6.
Signature	The first step in generating the signature is creating the signature key. The signature key is the variable created from concatenating the consumer secret and the token secret. For more information about the consumer secret and the token secret, see Requirements for Using Token-based Authentication in Connect. After you created the signature key, use the base string and signature key to create the signature parameter. The signature must be encoded by Base64 and only the HMAC-SHA256 algorithm is supported. For more information, see Creating the Token Password.
Signature algorithm	The Connect Service supports only the HMAC-SHA256 algorithm.

Parameter

Description

Base string

The base string is the variable created from concatenating a series of values, with an ampersand as a delimiter between values. The values are arranged in the following sequence:

Account ID – Your NetSuite account ID. You can find this value on the SuiteAnalytics Connect Driver Download Page under Your Configuration. For more information, see Connection Attributes.
Consumer key – The consumer key for the integration record. This string was created when you created the integration record. For more information, see Requirements for Using Token-based Authentication in Connect.
Token key – This is a string identifier or an ID of a token that represents a unique combination of a user, a role, and an integration record. For more information about how to obtain a token key, see Manage TBA Tokens in the NetSuite UI.
Nonce – This field should hold a unique, randomly generated alphanumeric string of 6–64 characters.
Timestamp – This field should hold a current timestamp in Unix format.

All parameters for creating the base string use the percent encoding. For more information about percent encoding, see https://tools.ietf.org/html/rfc5849#section-3.6.

Signature

The first step in generating the signature is creating the signature key. The signature key is the variable created from concatenating the consumer secret and the token secret. For more information about the consumer secret and the token secret, see Requirements for Using Token-based Authentication in Connect.

After you created the signature key, use the base string and signature key to create the signature parameter. The signature must be encoded by Base64 and only the HMAC-SHA256 algorithm is supported. For more information, see Creating the Token Password.

Signature algorithm

The Connect Service supports only the HMAC-SHA256 algorithm.

Related Topics