1. SuiteCloud Platform
  2. SuiteTalk Web Services
  3. SuiteTalk REST Web Services API Guide
  4. Prerequisites and Setup for REST Web Services
  5. Setting Up Authentication

Setting Up Authentication

NetSuite supports two mechanisms that increases overall system security. OAuth 2.0 and token-based authentication (TBA), robust, industry standard-based mechanisms. These authentication mechanisms enable client applications to use a token to access NetSuite through APIs, eliminating the need for integrations to store user credentials.

REST web services do not support login through user credentials. For general information about TBA, see Token-based Authentication (TBA).

For general information about OAuth 2.0, see OAuth 2.0.

Note:

OAuth 2.0 is the preferred authentication method. You should consider using OAuth 2.0 instead of TBA whenever possible.

Setting Up OAuth 2.0 Authentication for REST Web Services

Tip:

For a step by step description of setting up OAuth 2.0 for REST, see Tutorial: Using Postman with OAuth 2.0.

To set up OAuth 2.0, see Getting Started with OAuth 2.0.

To be able to use REST web services with OAuth 2.0, you're required to create an application using an integration record. See Create Integration Records for Applications to Use OAuth 2.0. As the last step of this procedure, make sure you note the client ID and client secret.

After creating the integration application, set up an application for use with OAuth 2.0. For more information, see OAuth 2.0 for Integration Application Developers. After the application is set up, you can manage the authorized applications. For more information, see Managing OAuth 2.0 Authorized Applications.

Setting Up Token-Based Authentication (TBA) for REST Web Services

Tip:

For a step by step description of setting up TBA for REST, see Setting Up Token-Based Authentication (TBA) -Tutorial.

To set up TBA, see Getting Started with Token-based Authentication.

To use REST web services with TBA, you must create an application using an integration record. See Create Integration Records for Applications to Use TBA. As the last step of this procedure, make sure you note the consumer key and consumer secret.

After creating the integration application, you're ready to create tokens for your users. Issue a new token for at least one of your users, and note its token ID and token secret. For details, see Access Token Management – Create and Assign a TBA Token.

After creating tokens, you use the token ID and token secret in your Postman environment. For information about setting up your environment, see Importing and Setting Up a Postman Environment.

For detailed information about using TBA in integration applications, see The Three-Step TBA Authorization Flow.

Related Topics

General Notices