Dear Community,

I hope you're doing well.

We are currently using API key authentication for our client portal, which involves generating an HMAC-SHA256 signature in ServiceNow with the CryptoJS library (specifically using crypto-js/3.1.2/hmac-sha256.js). However, given that ServiceNow will soon discontinue support for CryptoJS, we are seeking a new approach to generate the HMAC signature without relying on external libraries.

Our goal is to securely generate the HMAC-SHA256 signature utilizing the built-in capabilities of ServiceNow, or any alternative method that complies with the platform’s security guidelines. The signature is crucial for our API authentication in integration, and we have the following requirements:

• API Key and Secret: We need to securely use API keys and secrets within ServiceNow.
• Signature Generation: HMAC-SHA256 hashing must be applied to these credentials to generate the necessary signature.
• Platform Compatibility: The solution should leverage ServiceNow's native features without the need for external libraries.

If anyone has faced a similar challenge or has suggestions on how to achieve HMAC-SHA256 hashing using ServiceNow’s native tools, your advice would be greatly appreciated. Any code samples, recommendations for ServiceNow-compatible libraries, or best practices would be extremely valuable.

Thank you for your time and support.

Best regards,
Rahee