This site was built to compliment the existing NetSuite Professionals Slack Community by adding a means for members to easily find answers to common questions and to create a searchable database of those questions and answers.

NetSuite Professionals

The API secrets that we have in production, does sandbox also has them after the sandbox refresh?

No you will have to set up the tokens again 

What about the script parameters with company preferences? Do the data in them transfer over to the sandbox after a refresh ?

<https://docs.oracle.com/en/cloud/saas/netsuite/ns-online-help/section_1516026974.html#Data-That-is-Not-Copied-from-Production-to-Sandbox>

I think you are confusing API Secrets with Token-based Authentication (TBA). I'm pretty sure that the former does copy over, as do script parameters

Other integrations we have or literally anything sensitive wanted a secure way for them to be accessible in multiple scripts.
Was just thinking what should be the best approach.