Implementing Oauth1.0 from Apex

8:43 AM

Implementing Oauth1.0 from Apex involves passing a few parameters in the required format. Apex does support making a Oauth1.0 HTTP callout. Below is a screenshot from Postman, notice that the authorization has a bunch of token's and secret's.  Some are optional and we will see below how to pass them through Apex.

Consumer Key - Required
Consumer Secret - Required
Access Token - Optional
Token Secret - Optional

Signature Method - Required, usually it is HMAC-SHA1

Please note that the Access token and the Token Secret are optional, if you do have a token secret then the consumer secret will have that appended with a '&' symbol. For example,

Access Token Required => Consumer-Sercret&Token-Secret
Access Token not required => Consumer-Secret

Note that, every time the endpoint changes (you add new parameter values) you would have to sign it explicitly by calling the signRequest method.


  1. Netsuite gives us Invalid signature. This is not working for us.
    Any help will be appreciated