How to create oauth signature in Restlet authorization TBA (signature mathod: HMAC-SHA256)?

I am new in NetSuite Integration, after having an endpoint API, i m trying to call it and for authorization i have consumer key, consumer secret, token id and token secret. Can anyone help me in how to get the `oauth_signature` in restlet script?

When i test the provided endpoint in postman, i get that the header automatically set with :

OAuth realm = "123456_SB1",

oauth_consumer_key = "asdfghjklzxcvbnmwertyui234567892345678ertyuicvbnxcvbndfgher56",

oauth_token = "dfsfsfddafdcvbnmwertyui234567892345678ertyuicvbnxasdasadsdafd",

oauth_signature_method = "HMAC-SHA256",

oauth_timestamp = "1705502763",

oauth_nonce = "3RTZ9gFUmt",

oauth_version = "1.0",

oauth_signature = "WERUTUIIYO23456709SDFG576F"


I tried to have this in generated in my restlet but couldnt get a proper breakthough.

Sorry if i have my concepts unclear, this is becaue i m very new in integrations and rest architecture.

Rookie Asked on January 17, 2024 in SuiteScript.
Add Comment
2 Answer(s)

Understanding OAuth can be a bit tricky when you’re new to it, so no worries.

Here’s a step-by-step process on how to set up OAuth 1.0 for NetSuite Restlet Script:

1. Set up a NetSuite Token-based Application – Log into your NetSuite account and navigate to Setup > Integration > Manage Integrations > New. Fill out the necessary fields and make sure ‘Token-Based Authentication’ is checked. Save the record and keep note of the Consumer Key and Secret.

2. Create a Role – Go to Setup > Users/Roles > Manage Roles > New. Configure the permissions and make sure ‘Web Services’ and ‘User Access Tokens’ are checked under Setup tab.

3. Assign Role to User – Go to Lists > Employees > Employees. Edit the user record and under Access tab, add the new role.

4. Create Access Token – Go to Setup > Users/Roles > Access Tokens > New. Select the Application, User, and Role from the steps above. Take note of the Token ID and Secret.

5. Now, you have the Consumer Key & Secret (from step 1) and Token ID & Secret (from step 4).

The OAuth_signature in the header is not something you manually create. It is automatically generated when you make the request using a library that supports OAuth 1.0, like Postman.

In Postman, you can use these values to set up OAuth 1.0 authentication. Navigate to the “Authorization” tab, select “OAuth 1.0” from the TYPE dropdown menu. Enter the details: Consumer Key, Consumer Secret, Token, and Token Secret.

Let me know if it works. Hope it helps.

Rookie Answered on January 17, 2024.
Add Comment

If you’re using Python, you can use this lib

It helps yuo add authorization header for Restlets and rest webservices

Rookie Answered on January 17, 2024.
Add Comment

Your Answer

By posting your answer, you agree to the privacy policy and terms of service.
  • This site made possible by our sponsors:   Tipalti   Celigo   Become a Sponsor   Become a Sponsor