Yes, JWT authentication is now supported for Cybersource's REST APIs, including Unified Checkout, and is the recommended authentication method going forward.
If your proof of concept was built earlier using HTTP Signature because JWT support wasn't fully available, it's worth revisiting the implementation. Cybersource has been moving customers toward JWT/OAuth-based authentication for REST integrations, while HTTP Signature remains primarily for backward compatibility with existing implementations.
A few points to verify before starting production work:
* Confirm that your specific Unified Checkout APIs support JWT in both the sandbox and production environments for your merchant configuration.
* Ensure you have the necessary JWT/OAuth credentials provisioned in the Cybersource Business Center.
* Review the latest authentication documentation, as some services may have slightly different requirements depending on the API family.
* Test token generation, expiration handling, and refresh workflows in the sandbox before migrating away from HTTP Signature.
As for a formal timeline, Cybersource typically publishes authentication and deprecation updates through its official documentation and support channels. If you're planning a production rollout, I'd recommend opening a support ticket with Cybersource to confirm the current status for your account and whether there are any remaining limitations for Unified Checkout specifically.
In general, for new development, JWT is the preferred approach and should be the direction you target unless Cybersource support advises otherwise for your particular integration.
