OAuth 2.0 for REST Web Services
OAuth 2.0 is only available for REST web services and RESTlets. SOAP web services do not support OAuth 2.0.
For more information, see the following topics:
For information about related tasks, see the following topics:
Applications authorized using the OAuth 2.0 feature in your NetSuite production account are not copied to your Release Preview or to your sandbox accounts. Users must authorize applications explicitly in Release Preview or a sandbox account to test OAuth 2.0 feature in these accounts. Each time the sandbox is refreshed, users must authorize applications explicitly in the sandbox account.
OAuth 2.0 Authorization Header for REST Web Services
After you finish the authorization code grant flow and the application is granted an access token, see the following information to create the OAuth 2.0 authorization header.
The format of URL is:
https://<accountID>.suitetalk.api.netsuite.com/services/rest/record/v1/customer
The structure of the authorization header is:
Authorization: Bearer <access token>
The following is an example of the OAuth 2.0 authorization header for REST web services:
Authorization: Bearer eyJraWQiOiIyMDIwXzEiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiIxMDAwOzEyIiwiYXVkIjoiN0VCODkwREMtNEJDRC00RTQ5LTkzNDEtRjZEMDIyNDUxOEY5OzM4Mjk4NTUiLCJ0dHlwZSI6IkFDQ0VTUyIsInNjb3BlIjpbIlJFU1RMRVRTIl0sImlzcyI6Imh0dHBzOlwvXC9zeXN0ZW0ubmV0c3VpdGUuY29tIiwiZXhwIjoxNTgwODI1NjQyLCJpYXQiOjE1ODA4MjIwNDJ9.sTNSUlE1w-X_zhNPou_pRvHPob_p6iTkvA329yfVqrFFcgy0Ma14HA1WtlYmd8Xy8TGvC5str_ZYEBNq9adNSb1inkgB4orFCus5plvCzuLaeA_kYWc6KEFq6Z2jfBBymrDtLqujvvBMxNan88KN0UXM7CaNDGrg7tUllcQcB6mJwiqrRMXPWPXSZMc17CgroIPwvNCaF7mK9np4V-s0nhlCCII_XuESWXZom2nJtserwiLC7db2psrmtXKSu0l75XRYWb8Qn1G3x56oYz56TAfjB2bM6kUYq-s4Io2QHHdD0HxZSH-d_i5gY3sfCIqzr9Z4G8u6IHLN0fThDTt3hQ