Using OAuth 2.0 for RESTlet Authentication

You can use the OAuth 2.0 feature to authenticate RESTlets' access to NetSuite. With this approach, you use the OAuth 2.0 authorization framework to construct an authorization header. For details, see the following topics:

• OAuth 2.0 Setup Requirements

• OAuth 2.0 Authorization Code Grant Flow

• OAuth 2.0 Authorization Header

OAuth 2.0 Setup Requirements

Before you can use the OAuth 2.0 authorization framework, you must complete the following tasks:

• Enable the OAuth 2.0 feature in your account. For more information, see Enable the OAuth 2.0 Feature.

• Set up roles for use with OAuth 2.0 and assign users to the roles. For more information, see Set Up OAuth 2.0 Roles.

• Create an integration record for use with OAuth 2.0. For more information, see Create Integration Records for Applications to Use OAuth 2.0.

After you set up an integration record for use with OAuth 2.0, you must create an external application that initiates the OAuth 2.0 flow. For more information, see OAuth 2.0 for Integration Application Developers.

OAuth 2.0 Authorization Header

After you finish the authorization code grant flow and the application is granted an access token, see the following information to create the OAuth 2.0 authorization header.

The format of the URL is:

https://<accountID>.app.netsuite.com/app/site/hosting/restlet.nl?script=1&deploy=1

The structure of the authorization header is:

Authorization: Bearer <access token>

The following is an example of the OAuth 2.0 authorization header for RESTlets:

            Authorization: Bearer eyJraWQiOiIyMDIwXzEiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiIxMDAwOzEyIiwiYXVkIjoiN0VCODkwREMtNEJDRC00RTQ5LTkzNDEtRjZEMDIyNDUxOEY5OzM4Mjk4NTUiLCJ0dHlwZSI6IkFDQ0VTUyIsInNjb3BlIjpbIlJFU1RMRVRTIl0sImlzcyI6Imh0dHBzOlwvXC9zeXN0ZW0ubmV0c3VpdGUuY29tIiwiZXhwIjoxNTgwODI1NjQyLCJpYXQiOjE1ODA4MjIwNDJ9.sTNSUlE1w-X_zhNPou_pRvHPob_p6iTkvA329yfVqrFFcgy0Ma14HA1WtlYmd8Xy8TGvC5str_ZYEBNq9adNSb1inkgB4orFCus5plvCzuLaeA_kYWc6KEFq6Z2jfBBymrDtLqujvvBMxNan88KN0UXM7CaNDGrg7tUllcQcB6mJwiqrRMXPWPXSZMc17CgroIPwvNCaF7mK9np4V-s0nhlCCII_XuESWXZom2nJtserwiLC7db2psrmtXKSu0l75XRYWb8Qn1G3x56oYz56TAfjB2bM6kUYq-s4Io2QHHdD0HxZSH-d_i5gY3sfCIqzr9Z4G8u6IHLN0fThDTt3hQ 

          

Related Topics

RESTlet Authentication

Authentication for RESTlets

Setting up OAuth 2.0 for a RESTlet Integration

General Notices