https://netsuiteprofessionals.com logo
Join Slack
Powered by
what should be used as the callback url on a 2.0 O...
# suitescript
g
what should be used as the callback url on a 2.0 OAuth integration?
b
url of a server you control
g
Thanks for the reply @battk what if I don't have any server I control?
b
how do you plan on using the ouauth 2 tokens?
g
I have a restlet script
That will create sales orders
I'm trying now to first set up OAuth 2.0 to use with postman, and then later a customer website commerce will use it, sending the orders to be created in NetSuite
b
to be clear, i expect this to be a lost cause, netsuite's oauth 2 implementation is not for long term integrations
g
why?
b
netsuite refresh tokens last for 7 days, at which point someone needs to complete the authorization flow, which is browser based
you can continue along with postman if you want, it has basic support for oauth 2 built in
g
oh man, really? and what about OAuth 1.0, will it be discontinued?
b
no plans for deprecation have been given
g
thanks man!
a
We are trying to use OAUTH to integrate. Is there no way around the 7 day expiry, or is there a way to automate the re-auth. Our integration is needed 24/7 and won't have someone on hand to re-auth every 7 days.
b
use TBA authentication instead
💯 3
a
Our integration specifically wanted OAUTH. I've gone back to them. I don't think they support TBA!
b
if it helps, it mostly OAuth 1
a
Does Oauth21 not have the 7 day re-auth?
b
TBA tokens have no expiration date
👍 1
g
@battk How can you set up to use TBA with OAuth 1.0?
b
not sure what you are asking, for the most part TBA is OAuth 1.0
only difference is that some operations allow a role parameter in TBA that is not present in OAuth 1.0
g
Right now I have OAuth 1.0 set up with TBA, so on the integration I use consumer key/ consumer secret and token key/token secret. I'd like to know what I need to do to create the TBA token and use it instead
b
again, they are the same thing
g
Sorry, I mean using three-step authorization flow
If I enable TBA: Authorization Flow, what I should use as the callback url and how I could test the integration on postman?
b
keep in mind that the 3 step flow is designed for integrations where you have your own server
and will be asking for access from accounts that you dont control
g
can I use localhost? what you mean by "asking access from accounts that you don't control"?
b
otherwise, if you have access to the account, you can generate tokens via Access Token Management or User Access Token
the 3 step flow consists of your server sending a request to netsuite for access to an account, netsuite generates a page to login and approve that request, and then netsuite responds back to your server with the approved tokens
you can do it on local host, but that implies that you already have access to the netsuite account, where it is much easier to manually generate tokens
you would be wasting time to complete a 1 time use flow when you can generate the tokens manually
g
this approved token won't have an expiration date right?
because it seems NetSuite will make it mandatory at some point?
To either use OAuth 2.0 or OAuth 1.0 with the 3-step authorization flow
b
currently no expiration on tba tokens
7 day expiration on oauth 2 refresh token
g
Thanks! OAuth 1.0 without 3-step won't be discontinued?
b
they have expressed no plans to do, that can change at any time
👍 1
g
Thank you
48 Views
Open in Slack
PreviousNext
Powered by