Hi Everyone, has anyone worked with OAuth 2.0 Inte...
# suitescript
c
Hi Everyone, has anyone worked with OAuth 2.0 integration? If yes, do we need to generate the tokens in NetSuite or not? Because I didn't see the Application record during creation of access tokens. It would be great if someone could help me with this.
b
You probably want to at least start at OAuth 2.0 Authorization Code Grant Flow
it's a redirection-based flow built around you building a server that redirects to NetSuite's authorization endpoint
NetSuite's authorization endpoint eventually redirects back to your server's redirection endpoint
at which point your server makes a POST request to NetSuite's token endpoint to get your tokens
I personally recommend taking a look at other OAuth 2 resources outside of NetSuite first, so you can recognize the unusual way that NetSuite uses refresh tokens
currently they only last a week, at which point your refresh token expires and you need to get a new one by starting over
c
Yes, I have tried this and it's working. The horrible thing in OAuth 2.0 is that it only supports the authorise grant type, which requires single sign-on every time. I mean it displays the consent screen every time we request the NetSuite resource from outside the system.
b
that doesn't sound correct
none of the endpoints that accept OAuth 2 for authentication will prompt for consent
c
Sorry, I didn't get you @battk. I meant to say that currently in NetSuite, OAuth 2.0 authentication is only possible through the steps below: users enter user credentials into one of the following login forms as a part of the flow: a trusted NetSuite login form, a SAML SSO identity provider's login form, or an OIDC (OpenID Connect) provider's login form.
b
correct, the user needs to log in, or already be logged in to NetSuite
c
But my question here is: is there a possibility in NetSuite where user credentials can be passed through the REST API code from outside of NetSuite, validated by NetSuite without the consent screen, and the token returned to the calling point?
@battk, let me know your insights on this.
b
no, NetSuite used to offer user credentials as an authentication method in the past
and are currently deprecating it
c
Thanks for letting me know. Then for OAuth 2.0 in NetSuite, the consent screen authentication is the only solution, right? Or are there any approaches where we can authenticate without the consent screen? Because clients are worried about having to validate on the consent screen every time a request is made to NetSuite.
b
The consent screen should only be needed every 7 days
Not every request
c
OK, got it @battk. Thanks!
b
That said, the older token-based authentication (mostly OAuth 1) will probably be more useful since it doesn't expire