Postman - oAuth 1.0 Signature Generation - NetSuite

Your question may already have an answer on the community forum. Please search for related topics, and then read through the guidelines before creating a new topic.

Here’s an outline with best practices for making your inquiry.

My question:
How does Postman generate it oauth signature. I am working with NetSuite and am getting a different signature than Postman despite following documentation

Details (like screenshots):
oauth from Postman:

Screen Shot 2023-01-23 at 9.10.21 AM1020×465 52.4 KB

Basic Code Generating Signature (Ruby)

Screen Shot 2023-01-23 at 9.13.52 AM761×86 12.2 KB

Results:
My Signature: “pZ8QP1vyD+4Emgyxeu4pAtPRSTjD39oOuhBjWEG4imY=”
Postmans Signature: “B8KYY0W4LUwXCNzNfPmbQg0yiGbBSkhrLFWBhJ8tpps%3D”
How I found the problem:

• Kept receiving invalid login from server

I’ve already tried:

• down casing all variables in base string
• url_encoding signature
• Note the base string variables are already in alpha order
• Using request params as base string:
  
  

  Screen Shot 2023-01-23 at 9.18.28 AM938×425 45.4 KB

I am also working with NetSuite and was having the same problem and have worked out the solution which will hopefully help here too.

The issue is that UrlEncode returns lowercase encoded characters such as %2f for / but the OAuth1 specification requires this to be %2F.
I found I could use Uri.EscapeDataString() instead and then everything worked.

So https:// becomes https%3A%2F%2F instead of https%3a%2f%2f for example.

Hopefully this helps others in the same situation.

It would certainly be useful if Postman provided some additional details such as the signature base string it generates as it would have helped to debug it much faster.