Download a NetSuite OAuth Token Based Authentication Sample Node.js Program

This article is relevant if you are seeking to learn how to authenticate and use NetSuite’s Token Based Authentication which utilizes the OAuth 1.0 specification against RestLets.


NetSuite is promoting more use of token based authentication mechanisms to consume API services from external sources. Thus restlets and web services can authenticate using tokens versus user credential information. I welcome this capacity as holding a specific user credential to drive an integration was always worrisome. In practice, password policies forced credential resets which would cause integration down time as it required infrequent but periodic application configuration maintenance.

In theory, using the authentication methods should be straightforward.  But in practice, it is tricky especially because NetSuite is using the older version 1.0a specification; most general OAuth examples now use version 2.0.

You may be using a test tool, such as Postman, and find you are frustrated getting INVALID_LOGIN_ATTEMPT Invalid login attempt messages. While I, and many others, love the Postman tool, there does indeed seem to be some type of bug in the current version with this older OAuth 1.0a specification. Thus, I worked with Marko, one of our consultants, who recently built out a Node.js framework for another client integration. My aim was for Marko to create a simple and easy to understand example project which can help you verify your Restlet connectivity.

Sample Node.js Project to Confirm Connectivity

Simple Echo Back Restlet 2.0 Endpoint

We created a very simple Restlet that echos back a post response. Here is the server side SuiteScript 2.0 Restlet code:

 * @NApiVersion 2.x
 * @NScriptType restlet
define([ 'N/record' ], function(record) {
   return {
      post : function(restletBody) 
    	 log.debug("PRI OAuth Restlet Post Start");
         log.debug("datain ", JSON.stringify(restletBody));
         return {
             "success" : "true",
             "datain" : restletBody

We also have this running in one of our TSTDRV accounts to act a sample REST endpoint against the supplied client project code.

Simple Node.js Console Program

We then created a simple Node.js program leveraging work offered by another fellow NetSuite developer offered up on GitHub. We packaged our working example for you to download as a zip here.   Check out the readme.txt file once you expand the zip fie.

The Node.js program is easy to take apart to understand as it is basically well crafted JavaScript. Furthermore, the program has a nicely organized wrapper class around all the OAuth header work. If needed, you can dissect the pattern to craft your own OAuth 1.0 headers for use in other environments.

Finally, the program can be used to help you confirm and test that your NetSuite Restlet and related token based authentication credentials are all in sync.

Sample Console Outputs from NetSuite OAuth Endpoint

Here is what it may look like to send a request with incorrect credentials:

C:\Users\mzigman\>node start.js
{"error" : {"code" : "INVALID_LOGIN_ATTEMPT", "message" : "Invalid login attempt."}}

Here is what it may look like with Correct credentials:

C:\Users\mzigman\>node start.js
{"customer":"Prolecto Sample Customer","dts":"2017-10-14T20:51:21.017Z","os_info":{"hostname":"x1-carbon-3g","platform":"win32"}}

Be Appreciated for your NetSuite Technical Brilliance

My hope is that this article illustrates the basic work we do in our NetSuite Systems Integration Practice. I consider OAuth work “software infrastructure plumbing” and not that interesting compared to more complex business logic problems we face day-in and day-out. Yet, many times we must address these plumbing problems to have our clients realize the brilliance in our business logic work.

If you are an individual who feels under appreciated for the way you see the world and for the contributions you produce, perhaps we should have a conversation?

Be Sociable, Share!

Marty Zigman

Holding all three official certifications, Marty is Southern California's NetSuite expert and leads a team of senior professionals at Prolecto Resources, Inc. He is a former Deloitte & Touche CPA and has held CTO roles. For over 25 years, Marty has produced leadership in ERP, CRM and eCommerce business systems. Contact Marty to setup a conversation.

More Posts - Website - Twitter - Facebook - LinkedIn - Google Plus - YouTube

| Category: NetSuite, Technical | Leave a comment

Post a Comment

Your email is never published nor shared. Required fields are marked *


You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>