Reputation: 342
How to POST to NetSuite custom record from external site?
I'm trying to integrate a very small custom web application with NetSuite. I want a custom record to be created in NetSuite whenever a user clicks a button in my web application.
I have written a RESTlet that works with the REST API Testing chrome extension. I have successfully created records through that chrome extension.
However, when I try to POST from my web application, I get this error:
"Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'null' is therefore not allowed access. The response had HTTP status code 401."
How can I POST to NetSuite with a RESTlet from an external site? Should I even be using a RESTlet or is there a better way?
Upvotes: 0
Views: 3243
Answers (2)
Reputation: 15402
RESTlets are meant more as a system to system technology. They require authentication and if you are doing that from a public app your credentials will be compromised.
Netsuite doesn't allow you to set a CORS header so your cross domain integration needs to be via a publicly available suitelet and JSONP.
Since JSONP makes use of get requests you need to make sure your url params end up less than about 2k characters. That's not a standard limit so ymmv
patterns I often use: Client code:
var url = "public suitelet url from deployment screen";
var params = {
mode: 'neworder',
//simple name/value data
};
$.ajax({
url: url+"&"+ $.param(params) +"&jsoncallback=?",
cache:false,
dataType:'json',
success: function(jResp){
if(!jResp.success){
if(jResp.message) alert(jResp.message);
return;
}
// act on the results
}
});
A library function in the suitelet source file.
function _sendJSResponse(request, response, respObject){
response.setContentType('JAVASCRIPT');
//response.setHeader('Access-Control-Allow-Origin', '*');
var callbackFcn = request.getParameter("jsoncallback") || request.getParameter('callback');
if(callbackFcn){
response.writeLine( callbackFcn + "(" + JSON.stringify(respObject) + ");");
}else response.writeLine( JSON.stringify(respObject) );
}
and then a Suitelet function
function service(request, response){
... do some work and generate a response
var returnObj = {
success:true,
message: '',
result:result
};
_sendJSResponse(request, response, returnObj);
}
Upvotes: 5
Reputation: 1341
That's your browser and its CORS setting
If using chrome ( you should be ;) ) on Windows, create a chrome shortcut with the following flags
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --disable-web-security --user-data-dir
Then, kill/restart ALL INSTANCES of chrome in the Task Manager and try your requests again
Otherwise google "disable CORS on MY_BROWSER"
Upvotes: -1
Related Questions
- Accept webhook POST data to create record using ASP.NET or PHP
- Netsuite calling REST API hosted outside
- Getting "Must be a POST request" while pushing to third party website
- Access a record through a Restlet, Netsuite
- Netsuite-Suitelet post to restlet get parameters
- Netsuite Restlet - inserting sales order
- How to Add New Custom record Item in netsuite using webservices?
- How to pass url parameters on Post request in Netsuite Suitelet
- Send info from Netsuite to Magento Api
- Netsuite POST data from a Portlet to a RESTlet in JSON