Home

OAuth2 / REST related questions

We are able to get an access_token and refresh_token via the OAuth2 flow

  1. We are not able to refresh an access token (we always receive invalid_request):

curl -X POST -H “Content-Type: application/x-www-form-urlencoded” -d “grant_type=refresh_token&refresh_token=XXXX&client_id=XXX&client_secret=XXXX” https://REDACTED-sb1.suitetalk.api.netsuite.com/services/rest/auth/oauth2/v1/token {“error”:”invalid_request”}

 

2. Is it possible to fetch invoice documents (like an invoice pdf) via the REST API?

3. How to refresh a refresh_token? It seems to expire after 7 days?

4. In our other OAuth applications we can use 1 integration/application that we register as a company. We can use the same client_id and client_secret and the same authorization + token urls for ALL our clients, it seems this is not possible for Netsuite?Thank you very much in advance.

 

We also have the same question as https://netsuiteprofessionals.com/question/can-oauth-2-0-be-used-for-long-term-integrations/

“From what I’ve been able find in the Netsuite documentation, it seems that Netsuite’s implementation of OAuth 2.0 requires a manual re-authentication every 7 days when the refresh token expires. Is there any way to get around this limitation? I would like to be able to automate the retrieval of new refresh tokens so that an administrator only needs to set up the integration’s authentication once and the software integrating to Netsuite handles the rest.”

Thanks in advance

Rookie Asked on June 18, 2020 in SuiteTalk.
Add Comment
Cancel
3 Answer(s)

A couple of answers from @battk from slack:

 

battk  42 minutes ago

Refresh Token POST Request to the Token Endpoint
battk  42 minutes ago

look at the important section for where to put the client id and client secret
battk  40 minutes ago

The same page also says what to do after the refresh token  expires, which is basically start over from step 1
battk  35 minutes ago

you will have to complete the authorization flow for each account, using a slightly different url for each one
Cancel
Rookie Answered on June 18, 2020.
Add Comment
Cancel

At the moment the only open questions are:

 

    1. Is it possible to fetch invoice documents (like an invoice pdf) via the REST API?
    2.  In other OAuth applications we can use 1 integration/application that we register as a company. We can use the same client_id and client_secret and the same authorization + token urls for ALL our clients, it seems this is not possible for Netsuite?

       

Thank you very much in advance.

  •  

 

Cancel
Rookie Answered on June 18, 2020.
Add Comment
Cancel

Has anyone been able to solve this?  We have an OAuth flow implemented but the refresh tokens stop working after a week.  A human must go in and re-auth.  This is not standard for systems integration flows.

Has anyone come up with a solution?

Thanks

Cancel
Rookie Answered on January 2, 2021.
Add Comment
Cancel

Your Answer

By posting your answer, you agree to the privacy policy and terms of service.
  • This site made possible by our sponsors:   Tipalti   Celigo   Limebox   Become a Sponsor   Become a Sponsor