These scripts can be used as examples. NetSuite is highly extendable / customizable scripts may or may not work out of the box. They may depend on custom code / apps / plugins.
SuiteScript 2.x
- Custom Fields:
- Custom Lists
- SuiteScripts:
- Custom Notifications:
- Custom Reports:
Setting up Token-Based Authentication for a RESTlet
I. Acquiring the Consumer Key and Consumer Secret
- Go to
Setup > Integrations > Manage Integrations > New. Fill out the form. - Enable Token-Based Authentication
- You will receive the following message, along with the Consumer Key and Consumer Secret. Save it somewhere secure.
Warning: For security reasons, this is the only time that the Consumer Key and Consumer Secret values are displayed.
After you leave this page, they cannot be retrieved from the system. If you lose or forget these credentials, you
will need to reset them to obtain new values.
Treat the values for Consumer Key and Consumer Secret as you would a password. Never share these credentials
with unauthorized individuals and never send them by email.
II. Acquiring the Token ID and Token Secret
- If your role is granted with User Access Token permission (If your reading this you should have Admin privileges), you should be able to see
Manage Access Tokensinside the settings portlet. - Click on
New My Access Token - Select an Application Name and enter your preferred Token Name.
- Click
Save - You will receive the following message, along with the Token ID and Token Secret. Save it somewhere secure.
Warning: For security reasons, this is the only time that the Token ID and Token Secret values are displayed. After
you leave this page, they cannot be retrieved from the system. If you lose or forget these credentials, you will need
to reset them to obtain new values.
Treat the values for Token ID and Token Secret as you would a password. Never share these credentials with
unauthorized individuals and never send them by email.
III. Testing with Postman
- Select the appropriate request method (ex: GET, POST, PUT, DELETE).
- Enter the URL you can grab it from the deployment record / integration record.
- Click on Authorization.
- Select OAuth 1.0
- Enter the following Parameters:
- Consumer Key (from Section I, Step 3)
- Consumer Secret (from Section I, Step 3)
- Access Token (from Section II, Step 6)
- Token Secret (from Section II, Step 6)
- Enter the NetSutie Account ID under
Advanced > Realm. - Test
- Create File
- Save Files to File Cabinet
Documents > Files > New - Create SuiteScript Record
Customization > Scripting > Scripts > New
Save & Deploy to skip next step - Deploy
Customization > Scripting > Script Deployments
import fetch from 'node-fetch';
import OAuth from 'oauth-1.0a';
import crypto from 'crypto';
import dotenv from 'dotenv';
dotenv.config();
const config = {
accountId: process.env.NETSUITE_ACCOUNT_ID,
consumer: {
key: process.env.NETSUITE_CONSUMER_KEY,
secret: process.env.NETSUITE_CONSUMER_SECRET
},
token: {
key: process.env.NETSUITE_TOKEN_KEY,
secret: process.env.NETSUITE_TOKEN_SECRET
}
};
async function authenticatedFetch<ResponseType, PayloadType>(
method: 'GET' | 'POST',
endpoint: string;
data: PayloadType
) {
try {
const { accountId, consumer, token } = config;
const oauth = new OAuth({
consumer,
signature_method: 'HMAC-SHA256',
hash_function(baseString, key) {
return crypto
.createHmac('sha256', key)
.update(basestring)
.digest('base64');
},
realm: accountId,
});
const authorization = oauth.authorize({
endpoint,
method
},
token);
const header = oauth.toHeader(authorization);
header.Authorization += `, realm="${accountId}"`;
const response = await fetch(endpoint, {
method,
headers: {
'Content-Type': 'application/json',
Authorization: header.Authorization,
'user-agent': 'Some User Agent/v.0.0.1 (Language=JavaScript/Node)'
}
body: JSON.stringify(data),
});
const responseJson = (await response.json() as ResponseType);
// do something with response
return responseJson
} catch(err: any) {
console.error('error', err.message);
}
}