1. Account Administration
  2. Authentication
  3. Token-based Authentication (TBA)
  4. Troubleshoot Token-based Authentication (TBA)
  5. The Authorization Headers

The Authorization Headers

This section covers creating authorization headers. The values used in the following code samples are defined in the section The Signature for Web Services and RESTlets.

Create the Authorization Header

To create the authorization header, see the following sections:

Note:

For RESTlets, each parameter must be rawurlencoded.

SOAP Web Services Header

              $passport = " <ns:tokenPassport soap:actor=\"http://schemas.xmlsoap.org/soap/actor/next\" soap:mustUnderstand=\"0\" xmlns:ns=\"urn:messages_2015_2.platform.webservices.netsuite.com\">\n"
  ." <ns:account>".$realm ."</ns:account>\n"
  ." <ns:consumerKey>".$consumerKey ."</ns:consumerKey>\n"
  ." <ns:token>". $tokenKey ."</ns:token>\n"
  ." <ns:nonce>". $nonce ."</ns:nonce>\n"
  ." <ns:timestamp>". $timestamp ."</ns:timestamp>\n"
  ." <ns:signature algorithm=\"". $signatureMethod ."\">". $signature .":</ns:signature>\n"
  ." </ns:tokenPassport>";

SOAP Web Services Token Passport Example

                <ns:tokenPassport soap:actor="http://schemas.xmlsoap.org/soap/actor/next soap:mustUnderstand="0" xmlns:ns="urn:messages_2015_2.platform.webservices.netsuite.com"
  <ns:account>123456</ns:account>
  <ns:consumerKey>f40afdd8abaac111b13825dd5e5e2ddddb44f86d5a0dd6dcf38c20aae6b67e4</ns:consumerKey>
  <ns:token>2b0ce516420110bcbd36b69e99196d1b7f6de3c6234c5afb799b73d87569f5cc</ns:token>
  <ns:nonce>fjaLirsIcCGVZWzBX0pg</ns:nonce>
  <ns:timestamp>1508242306</ns:timestamp>
  <ns:signature algorithm="HMAC-SHA256">76wQrUWF8i3BwfAjrNnTxjFo+Ixj9YzYgsj+HVeGQyY=</ns:signature>
</ns:tokenPassport>

RESTlet Header

              $header = 'Authorization: OAuth '
         .'realm="' .rawurlencode($realm) .'", '
         .'oauth_consumer_key="' .rawurlencode($consumerKey) .'", '
         .'oauth_token="' .rawurlencode($tokenKey) .'", '
         .'oauth_nonce="' .rawurlencode($nonce) .'", '
         .'oauth_timestamp="' .rawurlencode($timestamp) .'", '
         .'oauth_signature_method="' .rawurlencode($signatureMethod) .'", '
         .'oauth_version="' .rawurlencode($version) .'", '
         .'oauth_signature="' .rawurlencode($signature) .'"'

RESTlet Header Example

                Authorization: OAuth realm="123456", oauth_consumer_key="ef40afdd8abaac111b13825dd5e5e2ddddb44f86d5a0dd6dcf38c20aae6b67e4", oauth_token="2b0ce516420110bcbd36b69e99196d1b7f6de3c6234c5afb799b73d87569f5cc", oauth_nonce="fjaLirsIcCGVZWzBX0pg", oauth_timestamp="1508242306", oauth_signature_method="HMAC-SHA256", oauth_version="1.0", oauth_signature="7mpNx1RdQn4VLSyeEwCK7jFBjGQ0blzwDSMU9Kg5Rmg%3D"

REST Web Services Header

              $header = 'Authorization: OAuth '
         .'realm="' .rawurlencode($realm) .'", '
         .'oauth_token="' .rawurlencode($tokenKey) .'", '
         .'oauth_consumer_key="' .rawurlencode($consumerKey) .'", '
         .'oauth_nonce="' .rawurlencode($nonce) .'", '
         .'oauth_timestamp="' .rawurlencode($timestamp) .'", '
         .'oauth_signature_method="' .rawurlencode($signatureMethod) .'", '
         .'oauth_version="' .rawurlencode($version) .'", '
         .'oauth_signature="' .rawurlencode($signature) .'"'

REST Web Services Header Example

              Authorization: OAuth realm="123456", oauth_token="2b0ce516420110bcbd36b69e99196d1b7f6de3c6234c5afb799b73d87569f5cc", oauth_consumer_key="ef40afdd8abaac111b13825dd5e5e2ddddb44f86d5a0dd6dcf38c20aae6b67e4", oauth_nonce="fjaLirsIcCGVZWzBX0pg", oauth_timestamp="1508242306", oauth_signature_method="HMAC-SHA256", oauth_version="1.0", oauth_signature="B5OIWznZ2YP0OB7VrJrGkYsTh%2B8H%2B5T9Hag%2Bo92q0zY%3D"

Related Topics

General Notices