Getting the Authentication String

Choose the steps based on the flow that you're using:

• Authorization Code Grant flow– For this flow you'll need to complete two steps. Then, an additional refresh token request, and a request to the revoke token endpoint. For more information about how you can get the access token, see OAuth 2.0 Authorization Code Grant Flow.

• Client Credentials flow – You need to generate an authentication string by sending a request to the token endpoint. If the request is valid, the token endpoint returns the authentication string. For more information, see OAuth 2.0 Client Credentials Flow.

  You can get an authentication token using a Python request. See the following example:

                #! /usr/bin/env python3
   
  import requests
  import logging
   
  from pathlib import Path
  import datetime
  import jwt # PyJWT
   
  GRANT_TYPE = "client_credentials"
  CLIENT_ASSERTION_TYPE = 'urn:ietf:params:oauth:client-assertion-type:jwt-bearer'
  CLIENT_ID = "<CLIENT_ID>"
  TOKEN_ENDPOINT_URL = "https://<COMPID>.suitetalk.api.netsuite.com/services/rest/auth/oauth2/v1/token"
  CONNECT_ENDPOINT_URL = "https://<COMPID>.connect.api.netsuite.com/services/rest/auth/oauth2/v1/token"
   
  CERTIFICATE_ID = "<CERTIFICATE_ID_GENERATED_WHEN_UPLOADED_TO_NS>"
  CERTIFICATE_KEY_FILE = Path("certificates/key.pem")
   
  SCOPES = ['SuiteAnalytics']
   
   
  def main():
      now = datetime.datetime.now()
      payload = {
          'iss': CLIENT_ID,
          'scope': SCOPES,
          'aud': CONNECT_ENDPOINT_URL,
          'iat': now.timestamp(),
          'exp': (now + datetime.timedelta(hours=1)).timestamp()
      }
   
      private_key = CERTIFICATE_KEY_FILE.read_bytes()
   
      jwt_assertion = jwt.encode(payload, private_key, algorithm="PS256", headers={'kid': CERTIFICATE_ID})
   
      data = {
              'grant_type': GRANT_TYPE,
              'client_assertion_type': CLIENT_ASSERTION_TYPE,
              'client_assertion': jwt_assertion,
      }
      resp = requests.post(TOKEN_ENDPOINT_URL, data=data)
      data = resp.json()
      logging.debug("Received '%s'[%d]: %s", TOKEN_ENDPOINT_URL, resp.status_code, resp.raw)
      assert data["access_token"]
   
   
   
  if __name__ == '__main__':
      main() 
  
              

  After you've got the authentication string, ensure to note it down.

After you generated the authentication string, add the OAuth2Token attribute in your driver configuration, and include the authentication string as the value of the new attribute. For more information, see Setting the OAuth2Token Attribute.

General Notices