# suitescript

darrenhillconsulting

04/01/2022, 2:17 AM
Is NetSuite's OAuth2 implementation not appropriate for app-2-app authentication? I mean, the refresh token expires after 7 days. Is there no way to refresh the refresh token? All other OAuth2 implementations I've dealt with give you a new refresh token when you update your access token.

battk

04/01/2022, 2:31 AM
expect to work harder for this one, it uses a draft extension to OAuth 2, so it's harder to find support in existing libraries

ExtendApps Inc.

04/01/2022, 11:07 AM
Great, I'll have a look @battk

darrenhillconsulting

04/01/2022, 1:29 PM
Wow, that is brutal
I'm completely in awe at why NetSuite would implement OAuth 2 this way.

battk

04/01/2022, 1:31 PM
my guess is that they did not want to downgrade from the security offered by TBA

darrenhillconsulting

04/01/2022, 2:08 PM
It feels like the best alternative is the 3-Step TBA Auth flow
Seems OAuth 2.0 Client Creds Flow is a shit show
The solution I come up with needs to be distributable ... and it sounds like OAuth 2.0 Client Creds is unique each time. Did I read that right?

battk

04/01/2022, 2:13 PM
it's going to be harder to use, there is a manual upload step for the SSL certificate
but you would not need to distribute the client secret

darrenhillconsulting

04/01/2022, 2:14 PM
This'll be used in a SuiteApp ... so is that SSL cert upload step one-time? Or each time the SuiteApp is installed? (I can't figure that out).

battk

04/01/2022, 2:14 PM
each account would need its own SSL certificate
theoretically you can share, but that's not sane security-wise