Request for Assistance: HMAC-SHA256 Signature Generation in ServiceNow

raheemukher
Tera Contributor

 

Dear Community,

I hope you're doing well.

We are currently using API key authentication for our client portal, which involves generating an HMAC-SHA256 signature in ServiceNow with the CryptoJS library (specifically using crypto-js/3.1.2/hmac-sha256.js). However, given that ServiceNow will soon discontinue support for CryptoJS, we are seeking a new approach to generate the HMAC signature without relying on external libraries.

Our goal is to securely generate the HMAC-SHA256 signature utilizing the built-in capabilities of ServiceNow, or any alternative method that complies with the platform’s security guidelines. The signature is crucial for our API authentication in integration, and we have the following requirements:

  • API Key and Secret: We need to securely use API keys and secrets within ServiceNow.
  • Signature Generation: HMAC-SHA256 hashing must be applied to these credentials to generate the necessary signature.
  • Platform Compatibility: The solution should leverage ServiceNow's native features without the need for external libraries.

If anyone has faced a similar challenge or has suggestions on how to achieve HMAC-SHA256 hashing using ServiceNow’s native tools, your advice would be greatly appreciated. Any code samples, recommendations for ServiceNow-compatible libraries, or best practices would be extremely valuable.

Thank you for your time and support.

Best regards,
Rahee

1 REPLY 1

Ryan146
Tera Contributor

Hello @raheemukher ,

We got the request from our customer recently about the same capability to generate HMAC-SHA256 signature from ServiceNow.

Do you have any updates on how you managed to implement this follow the best practices?