Reputation: 425
How to request Netsuite RESTlet with TBA authentification
I am trying to do a request my Netsuite RESTlet using Alamofire (SWIFT) but I meet several difficulties: In the documentation it's specify the different parameters needed (see below).
DOCUMENTATION:
An OAuth 1.0 RESTlet authorization header requires the data described in the following table. Some of these values can be obtained from the NetSuite UI. Other values must be calculated. Typically, your integration should include logic to identify these values and generate the finished header. Follow the OAuth 1.0 protocol to create the authorization header.
However in postman I am using extra parameters (consumer Secret and the Token Secret) and it's works if I remove them it doesn't works
To finish when i check the Authorization header generated by postman, I see only the specify parameters in the documentation :
OAuth realm="my realm",oauth_consumer_key="myConsumerKey",oauth_token="myAccessToken",
oauth_signature_method="HMAC-SHA1",oauth_timestamp="1543488570",
oauth_nonce="ERxdLbUfkeh",oauth_version="1.0",oauth_signature="UeqmxAyeUqtPoICLo%2FARsQE8B1E%3D"
If someone can explain me this, I could implement TBA authentification in my Application but for now I need to understand better this authentification.
Upvotes: 4
Views: 7313
Answers (3)
Reputation: 2250
I ran into a lot of issues with NetSuite broken RESTlet/TBA connections as well. I did build this out in our software to help out customers. You can see the methods I used in the article below.
Edit - Updated the link to my Github repo.
Upvotes: 1
Reputation: 5286
The explanation of why the consumer secret and the token secret are needed by Postman to generate the token is shown in SuiteAnswer 42019 - as referenced in the Notes section beside oauth_signature in your screenshot above. From that page:
- Sign the result string from step 5 using the consumer secret and token secret concatenated using '&' (For this case, HMAC-SHA1 or HMAC-256).
In other words, Postman uses the secrets to generate the output which authenticates your credentials - you cannot generate the oauth_signature correctly without them.
Upvotes: 2
Reputation: 164
I also spend a few hours trying to make it work. In my case I wasn't adding the account ID to the realm param. Here a picture of what I ended with:
Here where you can get the account ID:
I hope it helps
Upvotes: 6
Related Questions
- Getting 401 from Netsuite REST API
- NetSuite Oauth Implemenation
- Invalid Login attempt while accessing Netsuite using RESTlet?
- Token Based Authentication (TBA) - OAuth - Netsuite - rest web services - Invalid Login Attempt
- Failed NetSuite RESTlet authentication
- Token based authentication to call Netsuite API
- NetSuite RESTlet NLAuth using Postman
- Reach a NetSuite RESTlet via OAuth
- Connect Netsuite restlet with OAuth
- Netsuite: Anonymous request to restlet