This site was built to compliment the existing NetSuite Professionals Slack Community by adding a means for members to easily find answers to common questions and to create a searchable database of those questions and answers.

NetSuite Professionals

Same question as yesterday. I realized overnight that the scope parameter is a space separated list of permissions. Since it's a url parameter, I'm assuming I should be using `encodeURIComponent(scopes)` . However I tried this and same issue. Middleware generates the token, but it throws a 500 error trying to use it. The weird thing is, I can use the token generated from Postman from NetSuite and it authenticates. Another weird thing, The code snippet from Postman does not use `%20` in `options.url`, nor in the url at the top. Does Postman handle this upon send?

If you're passing url parameters it needs to be in canonical order.

I think I figured it out. There's no need for `encodeURIComponent` . If I pass three or four scopes, it authenticates properly. If I try to pass all of them, it fails. I think it's just a length issue.