Has anyone used JWT's for connecting to NS? I'm co...
# suitescript
e
Has anyone used JWTs for connecting to NS? I'm confused by the docs; which values are used for the `kid` and `iss` parameters? In one section the docs mention the client ID as the `kid` parameter and in another it mentions the certificate id.
b
it sounds like you are trying to implement oauth 2 client credentials
biggest warning is that the documentation is wrong in multiple places, I would recommend contacting netsuite support so they can guide since they evidently know which parts are wrong
if you insist on attempting it yourself, then my advice to you is that the example post is more correct than the documentation, do what it does instead of what the documentation tells you to do
e
thanks, I keep hitting road blocks. Would you mind linking the example you mention?
b
there are 2 subsections, you need to have an understanding of both
e
I guess `client_assertion` is correct as in the example as opposed to just `assertion` in the section above?
b
correct
that's not the only thing wrong either
you need to also take a look at the claims in the jwt, the example also doesn't match the documentation
there are too many things wrong to expect to be able to implement this from documentation
e
A postman request from support would be helpful. I'll reach out to support, spinning my wheels trying to deduce the payload isn't a great use of time
b
I would be moderately impressed if netsuite can generate a postman request that can generate the jwt
it's not supported natively by postman, so they would need a rather advanced pre-request script
e
Even though postman themselves provide an example? I suppose I share your reservations
b
The value of the alg parameter is PS256, PS284, PS512, RS256, RS384, or RS512.
netsuite only allowed the asymmetric crypto options
postman pre-request scripts use CryptoJs for crypto, which only has symmetric support
e
I noticed that and found a SO post to include another lib. I think I'll stick with Oauth 1 for what I'm doing
b
the funny thing is that it will probably be easier to implement tba than it will be to implement their oauth 2 client credentials
one of the benefits of oauth 2 was that it was easier on the crypto side, that benefit was destroyed when netsuite required a client assertion
e
I'm sure it will be easier. Thanks again for the insight