Hello, I am experiencing an issue with API secrets. I am aiming to utilize a securely tokenized API secret within SuiteScript. Could someone kindly provide me with guidance on this matter? Below is the code in question. Thanks in advance.

define(['N/https'], (https) => {     
    const key = https.createSecureString({
        input: 'custsecret_test_key'
    });

    const header = https.createSecureString({
        input: 'Bearer '
    });

    header.appendSecureString({
        secureString: key
    });

    <http://https.post|https.post>({
        url: <https://api.xxx.com/>,
        headers: {
            'Authorization': header,
            'Content-Type': 'application/x-www-form-urlencoded'
        }
    });

});

Error

{
"error": {
"message": "Invalid API Key provided: custsecr**************_key",
"type": "invalid_request_error"
}

Have you tested by logging

header

variable to see what it's creating?

As you know, we cant log the secret key

Sorry I wasn't aware. Makes sense though.

Thanks

When I look at

https.createSecureString

spec it doesn't seem to allow for loading directly a value from a secret. It seems for that portion you might want to use

https.createSecretKey

Something like.

const key = https.createSecretKey({
        secret: 'custsecret_test_key'
    });

Oh, maybe, I will try

SecureString.appendString -> https://docs.oracle.com/en/cloud/saas/netsuite/ns-online-help/section_460942016600.html#SecureString.appendString(options) https.createSecureString -> https://docs.oracle.com/en/cloud/saas/netsuite/ns-online-help/section_4418247678.html#https.createSecureString(options) https.createSecretKey -> https://docs.oracle.com/en/cloud/saas/netsuite/ns-online-help/section_4418247967.html#https.createSecretKey(options)

Yep. curly braces are required.

I missed this part of the input.

Works well