Hi, i had a doubt about what is the difference between restlets and backend suitelets? I dont understand like is there a security issue in backend suitelet or is it better or easier ? or restlets are much better

RESTlet have the governance of 5000 units, while Suitelet has 1000 units. Not sure where did you get the same governance thing. Backend Suitelets can serve as the REST api but it depends upon the use case. If you need security/authentication, then go with RESTlet.

Sorry, right its 1000 my bad, but I have 2 ques: 1. how does Restlet provide more security I mean we are anyway generating token and secret for both the Suitelet and Restlet URL's to get accessed how is Restlet better at providing more security then? I am little confused here. 2. like what other specific use cases where Suitelet is used is preferred over Restlet I mean if governance is more and security is tight why do we backend Suitelet? I worked on backend Suitelet and made a API for client but did not understand why he "preferred" backend Suitelet over Restlet?

I've never seen anyone use tokens to access a suitelet. Can you keep the suitelet not externally accessible and use tokens to access it anyway?

is suitelet has a concurrence limit access same as restlets?

Don't think so. But I'm wondering if you use a RESTlet "internally" in Netsuite with https.requestRestlet(), is that counted to concurrency as well?

A SuiteLet has a few uses, for instance you can create a form and allow the logged in user to access it, you cannot do that with a RESTlet. (yes you can also give access to a non-user if you deploy it that way and they have a link to the SuiteLet) You could for example use a Suitelet in a popup window. You can use a SuiteLet as a simple way to retrieve data for a client script. If you develop an Email plugin, these are SS1.0 only and you are limited to an extent by that, for instance you cannot hang a map/reduce off the plugin directly as SS1.0 has no knowledge of map/reduce scripts so in that instance you can call an SS2.0 SuiteLet that could create the map/reduce task. Generally speaking I would say, if you have an external entity accessing NetSuite that isn't a direct NS user on the system RESTlets with tokens is the way to go.

@razer456 not sure how you are generating the tokens for Suitelet. Because a Suitelet does not require them. What is your use case?

As far as I know, Suitelets support TBA just as well as RESTlets. There is a table somewhere listing supported auth methods that maybe battk will conjure up.