M2M OAuth2.0 Account Configuration in NetSuite

Overview

Snaps in the NetSuite REST Snap Pack use the NetSuite REST M2M OAuth2 Account to access the NetSuite application. For the M2M OAuth2 account to function without any issue, ensure to create and configure an OAuth app corresponding to the account as explained in the procedure below. This procedure also contains the steps required to create M2M OAuth2 account for using this Snap Pack.

OAuth2.0 Setup

  1. Log in to the NetSuite portal.
  2. Enable the Token-based Authentication Feature.
    1. Click on Setup > Company > Enable Features as shown below:
      NetSuite Setup

    2. Click the SuiteCloud tab.
    3. In SuiteTalk (Web Services), select REST WEB SERVICES.
      Rest Web Services

    4. In the Manage Authentication section, select the OAUTH2.0 checkbox.
      OAuth2 Checkbox

    5. Go to the SuiteCloud Terms of Service page and click on I Agree button if you agree to the terms and conditions.
  3. Set Up OAuth 2.0 Roles.
    1. Click on Setup > Users/Roles > Manage Roles.
    2. Locate the role you want to modify from the List.
      Managed Roles List

    3. Click on Edit.
    4. Update the permissions:
      1. Navigate to the Permissions tab.
      2. Select the Lists sub-tab.
      3. Add or update the required permission to Full to perform full CRUD operations. For example, enable the Customers object with full permissions to perform CRUD operations.
        Managed Roles Full

    5. Ensure that the role has the necessary permissions for web services and other related objects.
      1. Go to the Setup sub-tab and ensure full Web Services for Access Token Management, Log in using OAuth 2.0 Access Tokens, OAuth 2.0 Authorized Applications Management.
        Managed Roles Full Web Services

      2. Verify any additional permissions under the Transactions and Setup sub-tabs that might be required for full CRUD operations.
        Managed Roles Transactions

    6. Click Save to confirm and apply the changes.
  4. Assign Users to OAuth 2.0 Roles.
    1. If the user is an employee, click on Lists > Employees > Employees > Search.
    2. Click Edit to assign the token-based authentication role that you created.
      Assign Users Edit

    3. Click the Access tab.
      Assign Users Access

    4. In the Role field, select the role for this user.
      Assign Users Rest Role

    5. Click Add and Save.
  5. Create Integration Records for Applications to Use OAuth 2.0.
    1. Go to Setup > Integration > Manage Integrations > New.
    2. Click Authentication > OAuth2.0.
    3. Select AUTHORIZATION CODE GRANT, CLIENT CREDENTIALS (MACHINE TO MACHINE) GRANT, and REST WEB SERVICES checkboxes.
    4. Specify the REDIRECT URI.
      Create Integrations Auth

    5. The Client ID and Client Secret are generated.
      Note: The Client ID and Client Secret once created must be saved for easy access because you cannot retrieve these details in future.

      Create Integrations ClientID Client Secret

  6. OAuth 2.0 Client Credentials Setup.
    1. Generate key and certificate using the following command in Linux. openssl req -x509 -newkey rsa:4096 -sha256 -keyout auth-key.pem -out auth-cert.pem -nodes -days 730
      OAuth2.0 Client Command Line

    2. Click on Setup > Integration > Manage Authentication > OAuth 2.0 Client Credentials (M2M) Setup.
    3. Click on Create New button.
      OAuth Client Create New

    4. Update auth-cert.pem obtained from the command line and add other properties as required and click Save.
      OAuth Client Save

    5. The Certificate ID is generated and listed as shown below:
      OAuth Client Certificate

Specify the credentials and authorize the Snap account

To authorize your account in the SnapLogic® Platform, you must have the following:

  • Client ID
  • Certificate ID
  1. Navigate to the NetSuite REST Snap of your choice and configure the NetSuite REST M2M OAuth2 Account with the details from the NetSuite portal.
    NetSuite REST OAuth2 Account

  2. Click Authorize. The access token is auto-populated in the Access token field.
  3. Click Apply to save the account.