Machine-to-Machine Authentication (CI/CD)

With machine-to-machine authentication, you need to enter the following details:

• Account ID: References the NetSuite account ID.

• Certificate ID: References the certificate ID you get from NetSuite after uploading the public key file.

• Private key file: References the local path to the private key file that matches the certificate in NetSuite. For example: d:/path/private-key.pem.

  Important:

  To get the certificate ID, you need to generate an RSA certificate. The RSA certificate has two parts: the public key and the private key.

  Upload the public key in the OAuth 2.0 Client Credentials Setup by choosing SuiteCloud Development Integration in the Application field and selecting the entity and role to map. This will generate a new row with the certificate ID value.

  The private key path value is the location where the private key is saved.

  For more information about how to generate the RSA certificate, see Certificate Conditions.

  For more information about how to upload the public key, follow the steps in OAuth 2.0 Client Credentials Setup.

Machine-to-machine authentication uses two environment variables:

• SUITECLOUD_CI: Set this to 1 (preferred) or anything other than zero to run operations in a CI/CD environment using machine-to-machine authentication.

• SUITECLOUD_CI_PASSKEY: Set the passkey you'll use to create the credentials file. The passkey needs 32 to 100 alphanumeric characters and should be updated regularly.

  Important:

  When you change the passkey, your current credentials file won't work anymore. After changing it, you'll need to delete the old credentials file and set up your account again.

To set up and manage authentication IDs for machine-to-machine authentication, you only need to set the SUITECLOUD_CI_PASSKEY environment variable. To use the authentication IDs to run operations that need authentication, you need to set both the SUITECLOUD_CI_PASSKEY and SUITECLOUD_CI environment variables.

When you use machine-to-machine authentication, SuiteCloud SDK creates the credentials file (credentials_ci.p12) and encrypts it with the passkey you set in the SUITECLOUD_CI_PASSKEY environment variable. When you do operations that require NetSuite authentication, SuiteCloud SDK retrieves the passkey from the environment variable and uses it to decrypt the credentials file.

To use your authentication credentials in your CI/CD environment, here's what you need to do:

• Upload the credentials_ci.p12 file to your CI/CD environment securely.

• Set the SUITECLOUD_CI_PASSKEY environment variable in your CI/CD environment and use the same passkey you used to create the credentials file.

• Set the SUITECLOUD_CI environment variable to 1 in your CI/CD environment to enable machine-to-machine authentication.

With the credentials and environment variables set, SuiteCloud SDK tools can do operations that need NetSuite authentication in the CI/CD pipeline.

For more information, see Using Machine-to-Machine Authentication for CI/CD Environments.

For information about setting environment variables for different operating systems, see Setting Up Environment Variables for SuiteCloud SDK Tools.

General Notices