Secrets as XML Definitions
You can store, manage, and reference API secrets securely in NetSuite at Setup > Company > Preferences > API Secrets. You can then reference these secrets in SuiteCloud Development Framework (SDF), preventing the need for plaintext secrets in scripts. API secrets include hashes, passwords, keys, and other secrets for managing digital authentication credentials. Secrets up to 1,000,000 characters are accepted. Secret SDF custom objects can be imported in a SuiteCloud project as long as the Available in SuiteApp box is checked.
For information about creating API secrets, see Creating Secrets. For the SuiteCloud Development Framework XML Reference information about secret SDF custom objects, see secret.
Secrets are represented in SDF by a secret SDF custom object that references the API secret. In SDF, you need to create an SDF custom object XML file with the prefix custsecret_, that contains the root tag <secret> and script ID with the prefix custsecret_. For more information, see SDF Custom Object and File Development in SuiteCloud Projects.
API secret owners can set criteria to limit access for other users or allow access for a specific SuiteApp. A secret can only be referenced by its script ID, and the password value cannot be displayed. If you need to share a password across multiple SuiteApps, you must create multiple secrets with the same password.
Only SuiteScript 2.x APIs can use the secret. For a list of supported SuiteScript 2.x modules, see Supported SuiteScript 2.x modules.
Consider the following information when including secret SDF custom objects in your SuiteCloud project:
-
A secret SDF custom object cannot be included in more than one SuiteApp.
-
A secret can only be updated in the same account where it was created. This applies for an SDF SuiteApp installed to a target account and a SuiteCloud project deployed to a target account.
-
Ensure that you do not enter a secret in an account that will be deleted in the future.
Secret Object Example
The following is an XML definition example of a secret SDF custom object.
The secret SDF custom object secret creates a new reference to a script custsecret_example_id that was created in a NetSuite account.
<secret scriptid="custsecret_example_id"/>
Related Topics
- Scripting
- User Event Scripts as XML Definitions
- Scheduled Scripts as XML Definitions
- SDF Installation Scripts as XML Definitions
- Workflows as XML Definitions
- Translation Collections as XML Definitions
- Map/Reduce Script Objects as XML Definitions
- Portlet Scripts as XML Definitions
- Client Scripts as XML Definitions
- Integration Records as XML Definitions
- Mass Update Scripts as XML Definitions
- Suitelet Scripts as XML Definitions
- RESTlet Scripts as XML Definitions
- Single Page Applications as XML Definitions