https://netsuiteprofessionals.com logo
a

Austin Cai

04/16/2022, 1:36 AM
Happy Friday everyone! 🙌 I’m a new NetSuite developer trying to test the application’s REST API. I followed these instructions for enabling TBA in NetSuite and used the account id, access token, token secret, and consumer id/secret for the NetSuite REST API Postman Tutorial. I’m using a sandbox instance. However, I’m getting a
401 Invalid login attempt.
error while trying to submit the very first request. When I check the Login Audit Trail Search within NetSuite, I don’t see any trace of my login attempt. Any pointers on how to debug this issue?
b

battk

04/16/2022, 1:41 AM
too many ids
consumer and client are the same thing
and in general, the postman tutorial doesnt really help with the 3 step flow, it assumes you already have an access token already
otherwise the first place to start is the TBA and the Login Audit Trail
a

Austin Cai

04/16/2022, 1:44 AM
Thanks for the quick response! Sorry, I mistyped. I meant I included the account id, consumer id/secret, access token, and token secret. I got the access token and token secret by creating an access token token under
Setup > User/Roles > Access Tokens
. Am I doing something incorrect here?
b

battk

04/16/2022, 1:45 AM
you dont need to do the 3 step flow if you already have an access token
the point of that flow is to get an access token
a

Austin Cai

04/16/2022, 1:54 AM
I see. Thanks. I followed the instructions for setting up the Audit Log, but for some reason nothing shows up in the logs even though Postman indicates the requests are going through (but failing):
Copy code
{
  "type": "<https://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.2>",
  "title": "Unauthorized",
  "status": 401,
  "o:errorDetails": [
    {
      "detail": "Invalid login attempt.",
      "o:errorCode": "INVALID_LOGIN_ATTEMPT"
    }
  ]
}
Do you know what might be causing this behavior?
b

battk

04/16/2022, 1:54 AM
its means your attempt is not very close
the login audit trail is only going to be used when you include enough identifying information in the authorization header to tell who is sending the request
a

Austin Cai

04/16/2022, 2:05 AM
I see, does that mean that either my client id or token id is incorrect? I can try generating new ones.
b

battk

04/16/2022, 2:08 AM
your header is not correct if you think a token id is involved
a

Austin Cai

04/16/2022, 2:09 AM
This is my header:
Copy code
Authorization: OAuth realm="80***_SB1",oauth_consumer_key="12967***",oauth_token="a4b2c****",oauth_signature_method="HMAC-SHA256",oauth_timestamp="1650074460",oauth_nonce="SNFdZTTO161",oauth_version="1.0",oauth_signature="7pT9m***"
Is the
oauth_token
not the same thing as the token ID?
b

battk

04/16/2022, 2:10 AM
it is, but thats not what you use for the 3 step flow
a

Austin Cai

04/16/2022, 2:11 AM
Sorry for the confusion — this isn’t the 3 step flow. This is the Postman tutorial, specifically the request to
OPTIONS <https://8025440-sb1.app.netsuite.com/services/rest/*>
.
b

battk

04/16/2022, 2:15 AM
did you setup the postman environment?
a

Austin Cai

04/16/2022, 2:20 AM
Yep, I did. I imported the environment and populated all the environment variables.
b

battk

04/16/2022, 2:20 AM
which ones
there are 6 right answers and one wrong one
a

Austin Cai

04/16/2022, 2:35 AM
All the ones except for
REST_SERVICES
.
message has been deleted
b

battk

04/16/2022, 2:42 AM
suspect values are the account id and the consumer key
consumer key looks like its missing letters
account id should match exactly match the value from SOAP Web Services Preferences
do not make the mistake of getting it from the url
a

Austin Cai

04/16/2022, 2:45 AM
hmm let me take a look
My account id is
80****0_SB1
and it matches the link you sent. My consumer key has letters a bit further down:
12967c741f***
.
b

battk

04/16/2022, 2:53 AM
id go for regenerating all the keys
especially the consumer ones
1
a

Austin Cai

04/16/2022, 5:00 AM
Wow, I finally found the issue… I was using
https://***-<http://sb1.app.netsuite.com/services/rest/*|sb1.app.netsuite.com/services/rest/*>
instead of
https://***-<http://sb1.suitetalk.api.netsuite.com/services/rest/*|sb1.suitetalk.api.netsuite.com/services/rest/*>
.
12 Views