Anyone else using the oauth2.0 user flow for authe...
# integrations
s
Anyone else using the OAuth 2.0 user flow for authentication to Restlet / REST? Do you find the 7-day expiry on the refresh token annoying?
Yes, I'm aware of the client machine-to-machine flow
s
what's annoying? The user flow is meant to ensure a human end user is periodically authorizing access. It's not surprising [to me] that NS enforces that time period.
If you have a use case that truly includes a human, perhaps file a case with NS to see if they might extend that period?
You mention the client credentials flow, which is usually the answer when folks ask a question like this - in many cases they are doing a system-system integration but using the code grant flow, so that 7 day human involvement is a pain point.
s
Can you imagine having to re-authorise every app you’ve ever granted access to every week?
s
(as it should be?)
s
Nightmare
s
Agreed, but it seems to come up rarely as a real use case here in this forum. Perhaps NS is just paranoid since it is an accounting system and all that jazz.
s
I understand the security aspect of it but I haven’t seen it elsewhere
s
aye. as far as I know that 7 day period is not adjustable.
s
Also, the difference between those 2 methods has nothing to do with expiration dates. With the user flow, the user can allow access without having to interact with the other party. With machine-to-machine, a manual exchange and upload of an RSA cert needs to take place
s
that cert approach for machine-machine works out to effectively up to 2 year expiration dates.
possible hacky workarounds that I don't recommend would include using a Suitelet (available without login) instead of a RESTlet, or switching to machine-machine with a privileged system account whereby individual user authorization is managed outside NS.
I do generally get the impression that NS discourages the user flow, and a 7 day forced refresh expiration tends to support that.