SuiteScript 2.x RESTlet Reference

A RESTlet is a SuiteScript that executes when called by an external application or by another SuiteScript. Depending on how the RESTlet is written and called, it may also return data to the calling application.

A RESTlet can perform any function that can be implemented by using SuiteScript. At a high level, you can use a RESTlet to:

When you create and use a RESTlet, you will need to understand how to deploy and call it (and perhaps debug it) which is done differently than for other script types. You will also want to learn about authentication, governance, and security specific to RESTlets.

Deploying a RESTlet. To use a RESTlet, follow the same guidelines as you would with any entry point script deployed at the record level. That is, you must create a script record and a deployment record based on the RESTlet script file. For more information, see Deploying a RESTlet.

Calling a RESTlet. When you save a script deployment record for a RESTlet, the system automatically generates a URL that can be used to call the RESTlet. Because a RESTlet executes only when it is called, this information is critical for using the RESTlet. For more information, see Identifying a RESTlet in a Call.

To call a RESTlet that you have deployed, you can use one of four supported HTTP methods: delete, get, post, or put. Depending on which method you use, you may be required to embed input for the RESTlet within the URL, or you may be required to submit arguments in a request body. Additionally, for the call to be successful, your RESTlet script must contain an entry point that corresponds with the method you use to make the call. For more information, see Selecting an HTTP/HTTPS Method for Calling a RESTlet.

For most RESTlet calls, you must also include a Content-Type header in the call, which tells NetSuite how your request body will be formatted and how NetSuite should format its response. For more information, see Creating a Content–Type Header.

RESTlet Authentication. One advantage of using RESTlets over other script types is that NetSuite requires authentication for RESTlets. If a RESTlet call originates from a client that does not have an existing session in the NetSuite account where the RESTlet is deployed, NetSuite requires an authentication header in the call. For more information, see RESTlet Authentication.

Governance and Security. When working with RESTlets, you should be aware of governance limitations and security concerns specific to the RESTlet script type. For more information, see RESTlet Governance and Security.

Debugging a RESTlet. You can use the NetSuite Debugger to debug RESTlet code in the same manner that you debug other types of SuiteScript code. If you have installed and set up the SuiteCloud IDE, a debug client is available for your use. The RESTlet/Suitelet Debug Client enables you to debug deployed RESTlet and Suitelet SuiteScripts with the SuiteCloud IDE Debugger. The client is only accessible after a debug session is started. For details, see Debugging a RESTlet.

Related Topics

General Notices