This site was built to compliment the existing NetSuite Professionals Slack Community by adding a means for members to easily find answers to common questions and to create a searchable database of those questions and answers.

NetSuite Professionals

Hi,
 Hope you're doing well.
I'm currently integrating my application with NetSuite and working with the REST APIs. Initially, I set up OAuth 2.0 with the authorization code grant, but later discovered that the refresh token is only valid for 7 days, requiring users to manually re-authorize via redirection to NetSuite. This limitation is a blocker for my use case.
To resolve this, I switched to the *Client Credentials (M2M)* flow. According to the documentation, the access token in this flow is valid for 2 years, which suits my needs. However, I noticed another section in the documentation mentioning a *90-day* expiration, which has caused some confusion.
Here are the links I’ve been referring to:
• <https://docs.oracle.com/en/cloud/saas/netsuite/ns-online-help/section_162686838198.html#subsect_162686947286|OAuth 2.0 Token-Based Authentication>
• <https://docs.oracle.com/en/cloud/saas/netsuite/ns-online-help/section_158255317571.html#subsect_160828987108|Managing Client Credentials>
Can anyone please help clarify the actual expiration period for tokens in the Client Credentials flow ?

&gt;*AI generated answer (using internal Slack threads):*
******
Disclaimer:

This response was generated by an artificial intelligence assistant based on previous conversations from multiple Slack channels, and may contain inaccuracies or mistakes.
******

Based on the conversations, it seems that the OAuth 2.0 refresh token indeed expires after 7 days. This is a limitation of the OAuth 2.0 Authorization Code Grant flow in NetSuite. 

However, as of the 2021.2 release, NetSuite introduced a new OAuth 2.0 flow called the *Client Credentials (Machine to Machine) Grant* flow. This flow is designed for server-to-server interactions and does not require user interaction, which seems to be more suitable for your use case.

As for the confusion about the expiration period of the tokens in the Client Credentials flow, the conversations do not provide a definitive answer. The documentation links you provided also seem to have conflicting information. 

Unfortunately, without further information or clarification from NetSuite, it's not possible to provide a definitive answer to your question. I would recommend referring back to the official NetSuite documentation or reaching out to the NetSuite community for further assistance.

&gt;*Slack thread 1:* <https://netsuiteprofessionals.slack.com/archives/C298P0BCK/p1629773813168100|here> (available only if the original thread was posted in the last 90 days)
&gt;*Similarity score:* 0.903718293

&gt;*Slack thread 2:* <https://netsuiteprofessionals.slack.com/archives/C29J1BPM3/p1629991696002000|here> (available only if the original thread was posted in the last 90 days)
&gt;*Similarity score:* 0.894582093

&gt;*Slack thread 3:* <https://netsuiteprofessionals.slack.com/archives/C2K2RJNAC/p1588795829118900|here> (available only if the original thread was posted in the last 90 days)
&gt;*Similarity score:* 0.891804874



Please provide your feedback on this answer.