I posted this in another channel but it s core is really her NetSuite Professionals #suitescript

Join Slack

I posted this in another channel, but it's core is...

# suitescript

Robert Vice

08/19/2021, 3:47 PM

I posted this in another channel, but it's core is really here in suitescript

battk

08/19/2021, 3:48 PM

Secrets Management

🙌 1

battk

08/19/2021, 3:48 PM

keep in mind that it only works with the N/https or N/crypto modules

Robert Vice

08/19/2021, 3:49 PM

Perfect, thank you

Robert Vice

08/19/2021, 4:22 PM

Looks like I'm having issues pulling it into my script. I've tried the example using the ID found in API Secrets and even allowed all scripts/domains.

battk

08/19/2021, 4:23 PM

secrets (and their predecessor GUIDs ) are inconvenient to work with

battk

08/19/2021, 4:23 PM

the documentation for them is pretty bad

battk

08/19/2021, 4:24 PM

you will need to share your code and describe what problems you are having

battk

08/19/2021, 4:24 PM

you also probably want to learn how to use an echo service like https://httpbin.org/ so you can see what your requests look like

Robert Vice

08/19/2021, 4:26 PM

Sure, I'm making an https GET request with the following. I removed some sensitive information

Copy code

const response = https.get({
        url: 'https://<mypingpongurl>',
        headers: {
            ApiKey: 'custsecret_api_key'
        }
    });

If I change the custsecret_api_key (NS API Secrets ID) to my actual API key, it functions as expected.

battk

08/19/2021, 4:29 PM

secrets are used like data in a template

battk

08/19/2021, 4:30 PM

use

'{custsecret_api_key}'

❌ 1

battk

08/19/2021, 4:31 PM

there are rules regarding on when you have to use the credentials parameter in your request like in the Create a Form Field with a Credential Field Sample

battk

08/19/2021, 4:32 PM

i dont bother to memorize them and just always use the credentials parameter

Robert Vice

08/19/2021, 4:33 PM

no luck with adding the {} in the .get

Robert Vice

08/19/2021, 4:36 PM

I need the secret within that header, doesn't seem the request makes much different. This is used within a Suitelet to an external to Netsuite API

battk

08/19/2021, 4:36 PM

i recommend using an echo service to see what your request looks like

battk

08/19/2021, 4:37 PM

and to use the credentials parameter

Robert Vice

08/19/2021, 4:39 PM

reading the documentation, the credentials do not go to the headers.

battk

08/19/2021, 4:43 PM

Create a Form Field with a Credential Field Sample is the example that has a guid in the headers

battk

08/19/2021, 4:43 PM

it uses a SecureString instead of a template expression, but that should at least tell you that its possible

Nicholas Penree

08/19/2021, 5:40 PM

seems like you might have to use the createSecureString in this instance since

credentials

is not available on a

GET

since it searches bodies and body doesn't exist on a GET request

Nicholas Penree

08/19/2021, 5:42 PM

Copy code

const ApiKey = https.createSecureString({
  input: '{custsecret_api_key}'
});
const response = https.get({
  url: 'https://<mypingpongurl>',
  headers: { ApiKey },
});

✅ 1

Robert Vice

08/20/2021, 7:22 AM

Thank you all for the help, working now

🤝 1

Open in Slack

Previous Next