https://netsuiteprofessionals.com logo
Join Slack
Powered by
I'm trying to determine if my authentication issue...
# general
g
I'm trying to determine if my authentication issues are due to incorrectly formatted requests or if I dont have the proper credentials.
e
Are you using OAuth 1.0 or OAuth 2.0 to authenticate? How are you testing your connection? Are you using POSTMAN?
j
View Login Audit Trail > Edit/Save As Custom Saved Search > Results > Add the 
Detail
column to your saved search > Save This should will give you the error when there is a login failure. We only use REST, so not 100% sure if this will work for SOAP.
g
I have tried TBA (oauth1) and oauth2. I am using postman to test my connection.
with oauth2: I have been making sucsessful get requests to ://{{my-account-id}}.app.netsuite.com/app/login/oauth2/authorize.nl the get request redirects me to the netsuite login page in a webbrowser HOWEVER! the login page looks bizzare, it has the word "shop" on it and looks like an ecommerce page with netsuite branding. When I try my netsuite credentials in its login section, my username is recognized but my password is not permitted
message has been deleted
message has been deleted
this is the redirect pages
e
Try client credentials flow for OAuth 2.0 instead of code grant flow - https://docs.oracle.com/en/cloud/saas/netsuite/ns-online-help/section_162730264820.html
b
what kind of monster recommends client credentials
you have to work really hard to get that working in postman
g
... I already tried client credentials 🥲
b
can you log into netsuite?
g
I think I kept messing up creating the jwt token
yea
I can log into netsuite
(the netsuite ui)
b
have you assigned yourself a TBA Token
g
I need a TBA token for oauth2?
b
you dont, but you have some weirdness with the redirect
there are 2 ways to use oauth 2 with netsuite
the first is code grant, which is generally useless since it only lasts 7 days
and there is client credentials, which is hard to implement
g
Yea I tried to implement client credentials
it is hard
are you familiar with it?
b
well enough to tell you that you would need a pre request script in postman to use it
g
I was so confused as to wither the variables in the jwt token body for the expiration and creation time of token (exp and iat) should be from the second I create the jwt token or the second I create the open ssl certificate
or is are they not even that specific
could i just use the unix timestamp of the first hour of the day i create the token
b
those things are part of jwts, you would need to learn how jwts work to know that answer
though usually the correct answer is to use a library that generates the jwt for you
g
Ive been using pyjwt (python library for generating jwt tokens)
but I still think I'm not inputting the correct params
b
meh, its a library that assumes you know how those claims work
g
do you know if I have to decode the secret key before using it as an input to create the jwt
b
it makes you fill in the claims yourself, which honestly defeats the point
if you want to use that library, you need to know how claims work and what those specific claims required by netsuite represent
g
ok, ill try a different jwt library
thanks
b
you shouldnt be guessing what goes in the iss
its used for a specific purpose
g
the iss is my client ID from the integration record
I know that
b
my bad, wrong claim beginning with i
meant iat
2 Views
Open in Slack
PreviousNext
Powered by