I’m trying to implement the first step (from https://netsuite.custhelp.com/app/answers/detail/a_id/87395 in SuiteAnswers) and I keep getting the response of:

{"error" : {"code" : "USER_ERROR", "message" : "Invalid login attempt."}}

I’ve tried it from within Node JS, a Suitelet (EDIT: current implementation) and manually crafting the response with Postman.

Everything has been url encoded, where required.

Signature Details

Base String: "POST&https%3A%2F%2F<account_id>-sb1.restlets.api.netsuite.com%2Frest%2Frequesttoken&oauth_callback%3D<callback_url>%26oauth_consumer_key%3D<consumer_key>%26oauth_nonce%3DWdaFfY%26oauth_signature_method%3DHMAC-SHA256%26oauth_timestamp%3D1571831042%26oauth_version%3D1.0"

Key: "<consumer_secret>"

Authorization Header

OAuth realm="<account_id>_SB1", oauth_callback="<callback_url>", oauth_consumer_key="<consumer_key>", oauth_nonce="WdaFfY", oauth_signature="<signature>", oauth_signature_method="HMAC-SHA256", oauth_timestamp="1571831042", oauth_version="1.0"

Any thoughts on what I’ve potentially gotten wrong?