This site was built to compliment the existing NetSuite Professionals Slack Community by adding a means for members to easily find answers to common questions and to create a searchable database of those questions and answers.

NetSuite Professionals

To simplify a question of mine - do you think I can rely on `N/cache` with scope `PROTECTED` to be 100% inaccessible to anything except my SuiteApp's scripts? Thinking of keeping OAuth access tokens in there. Thanks!

I don't see why you couldn't. Even if someone was able to bypass the protected scope somehow, they would need to guess the cache name and key to get the value.

Thanks for chipping in! Though, I don't think it's a good idea to rely on security by obscurity. If it's possible to bypass the protected scope, I don't want to go this way. But is it?

I agree regarding obscurity. To be sure, you could test it yourself by creating a script that isn't in your suiteapp. I highly doubt it is.