https://netsuiteprofessionals.com logo
Join Slack
Powered by
Does anyone have any guidance on figuring out the ...
# suiteql
a
Does anyone have any guidance on figuring out the correct configuration of (roughly minimal) permissions for a role in order to issue OAuth1 tokens for SuiteQL querying? Hoping to find something to help me arrive at the ability to perform operations like 
SELECT * FROM account
and similar via the Rest/SuiteQL API. Currently I am getting this for all requests:
Invalid search query. Detailed unprocessed description follows. Your current role does not have permission to perform this action.
t
@Andrew I think you'll need a role with at least "Lists - Accounts (View)" and "Setup - Login Using Tokens (Full)."
🙏 1
m
In addition you might need REST Web Services (Full), SuiteAnalytics Workbook (Edit), Find Transaction (View)
💯 1
🙏 1
b
along with permission to work with whatever record you are querying
in your example, thats accounts
a
Thank you all for your input! What I'm seeing right now is that with the above recommendations I've been able to run a simple query for accounts, subsidiaries, ... However, a more complex query (which joins across Account, Transaction, TransactionAccountingLine) is failing. Strangely, it fails with a token issued for Administrator credentials even though this had been working. Has Netsuite issued any recent changes around the use of tokens to access SuiteQL?
m
What error message are you getting with the admin token?
a
The response:
Copy code
{
  "type": "<https://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.2>",
  "title": "Unauthorized",
  "status": 401,
  "o:errorDetails": [
    {
      "detail": "Invalid login attempt. For more details, see the Login Audit Trail in the NetSuite UI at Setup > Users/Roles > User Management > View Login Audit Trail.",
      "o:errorCode": "INVALID_LOGIN"
    }
  ]
}
m
On the audit trail page, can you add a column for Detail and advise what it shows there?
a
The issue above was a misconfiguration on my end (wrong realm string got passed). I am able to run my desired query with admin tokens. With my new token, the response comes back successful (nominally) but there are not actual records--it's an empty list. The permissions on the role are:
Copy code
Setup
Accounting Lists 	       	View
Log in using Access Tokens 	Full
REST Web Services 	       	Full
SOAP Web Services 		Full
User Access Tokens 		Full 

Lists
Accounts 	View
Subsidiaries 	View
Work Calendar 	View 

Reports
SuiteAnalytics Workbook 	Edit
Transaction Detail 	View
Trial Balance 		View 

Transactions
Find Transaction 	View
And the query in question:
Copy code
SELECT ACCOUNT.id,
 ACCOUNT.acctnumber,
 SUM(TransactionAccountingLine.TransactionAccountingLine.amount) AS balance FROM TRANSACTION,
 ACCOUNT,
 TransactionAccountingLine,
 transactionLine 
WHERE TransactionAccountingLine.ACCOUNT = ACCOUNT.ID(+)
 AND transactionLine.TRANSACTION = TransactionAccountingLine.TRANSACTION
 AND transactionLine.ID = TransactionAccountingLine.transactionline
 AND TRANSACTION.ID = transactionLine.TRANSACTION
 AND ACCOUNT.isinactive = 'F'
 AND TRANSACTION.posting = 'T'
 AND ACCOUNT.ID IS NOT NULL
 AND ACCOUNT.issummary = 'F' GROUP BY (ACCOUNT.id, ACCOUNT.acctnumber)
b
your role needs more permissions
you want one for each transaction you want to report on
a
Thank you all again for your help! It looks I was missing a few things, notably "Login Using Tokens (Full)" and "SuiteAnalytics Workbook (Edit)" -- which I would not have thought of and not tried. Furthermore, it appears I do need to add permission for each type of transaction (which in my case is all of them). Unfortunately this requires going through and adding every single one. At this point this is working! 🎉
m
🎉
361 Views
Open in Slack
PreviousNext
Powered by