This site was built to compliment the existing NetSuite Professionals Slack Community by adding a means for members to easily find answers to common questions and to create a searchable database of those questions and answers.

NetSuite Professionals

Hello everyone,

I'm trying to make a custom record as secure as possible so I'm removing all roles apart from the admin role from it.
This creates an issue because a RESTlet we use (which any role can access) does a lookupFields() on that record so I've tried creating a new Suitelet that will do that lookupFields process and use the response value back in the RESTlet.

Only problem is, when using url.resolveScript() &amp; https.get() I can't get past the login body.

Anyone ever run into this issue and was able to circumvent it somehow?

My first thought here is the change the deployment of the Restlet to only allow the roles that you want to access it.  Perhaps Admin and one other custom role that has access to only exactly what you want it to have.   That would eliminate part of the issue.

As for using a Suitelet, that is unauthenticated so having that in chain destroys any sense of security you may have in the process.

I agree with that last sentence, we've opted for a new solution of storing data instead of that custom record.

Thanks for your input <@UCV4TNZQS>!