NetSuite Component
Manage NetSuite records
Component key: netsuite
Description
Oracle NetSuite is a unified business management suite, encompassing ERP/Financials, CRM and ecommerce. This component allows you to create, read, update, delete, and list records in NetSuite, as well as execute SuiteQL queries.
API Documentation
This component was built using the following API References currently utilizing REST API v1:
For more details refer to NetSuite's API documentation.
Connections
NetSuite OAuth Auth Code
To connect to NetSuite using OAuth 2.0 Authorization Code flow, create an OAuth 2.0 application in NetSuite with authorization code grant enabled.
Refer to NetSuite's OAuth 2.0 documentation for additional details.
Tokens retrieved using NetSuite's OAuth 2.0 Auth Code flow expire after 7 days and cannot be refreshed. This requires users to re-authenticate every 7 days, which is not a good user experience. We recommend using the OAuth 2.0 Client Credentials flow instead.
Prerequisites
- NetSuite administrator access
- SuiteTalk enabled in the NetSuite account
Setup Steps
-
Enable SuiteTalk:
- Navigate to Setup > Company > Enable Features
- Under the Suite Cloud tab, ensure REST WEB SERVICES and OAUTH 2.0 are both checked
-
Create an OAuth 2.0 Application:
- Navigate to Setup > Integration > Manage Integrations > New
- Enter a name and description for the integration
- Under Token-based Authentication, un-check TOKEN-BASED AUTHENTICATION and TBA: AUTHORIZATION FLOW
- Under OAuth 2.0, ensure the following are checked:
- AUTHORIZATION CODE GRANT
- REST WEB SERVICES
- Under SCOPE, enable REST WEB SERVICES
- Set the REDIRECT URI to:
https://oauth2.prismatic.io/callback - After saving, copy the CONSUMER KEY and CONSUMER SECRET
-
Configure OAuth 2.0 Roles:
- Ensure that users who will authenticate via OAuth have been assigned a proper role with appropriate permissions
Configure the Connection
- Enter the Consumer Key (Client ID) and Consumer Secret (Client Secret) from the NetSuite integration
- Token URL: Enter the NetSuite account's token URL in the format:
https://[ACCOUNT_ID].suitetalk.api.netsuite.com/services/rest/auth/oauth2/v1/token- Replace
[ACCOUNT_ID]with the NetSuite account ID (found in Setup > Company > Company Information) - Example:
https://1234567.suitetalk.api.netsuite.com/services/rest/auth/oauth2/v1/token
- Replace
Verify Connection
Save the connection to authenticate with NetSuite. Users will be redirected to NetSuite to authorize access.
Tokens expire after 7 days and cannot be refreshed. Users will need to re-authenticate every 7 days by opening the connection configuration and re-authorizing.
| Input | Notes | Example |
|---|---|---|
| Authorize URL | The OAuth 2.0 Authorization URL for NetSuite. | https://system.netsuite.com/app/login/oauth2/authorize.nl |
| Consumer Key (Client ID) | Generate a consumer key when you create your OAuth 2.0 app in NetSuite | example0000000000000000000000000aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa |
| Consumer Secret (Client Secret) | Generate a consumer secret when you create your OAuth 2.0 app in NetSuite | example0000000000000000000000000aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa |
| Scopes | A space-delimited set of one or more scopes. This will always be rest_webservices | rest_webservices |
| Token URL | The OAuth 2.0 Token URL for NetSuite. Replace <ACCOUNT_ID> with your account ID, which can be found in your browser's URL bar when you log in to NetSuite - https://<ACCOUNT_ID>.app.netsuite.com/ | https://<ACCOUNT_ID>.suitetalk.api.netsuite.com/services/rest/auth/oauth2/v1/token |
Netsuite OAuth Client Credentials
To connect to NetSuite using OAuth 2.0 Client Credentials, configure an OAuth 2.0 application with the Client Credentials (M2M) grant in NetSuite.
This authentication method is recommended for server-to-server integrations and provides a better user experience than the Authorization Code flow, as credentials do not expire and require no user re-authentication.
Refer to NetSuite's OAuth Client Credentials documentation for additional details.
Prerequisites
- NetSuite administrator access
- SuiteTalk enabled in the NetSuite account
- OpenSSL installed on the local machine (for certificate generation)
Setup Steps
-
Enable SuiteTalk:
- Navigate to Setup > Company > Enable Features
- Under the Suite Cloud tab, ensure both REST WEB SERVICES and OAUTH 2.0 are checked
-
Create an OAuth 2.0 Application with JWT Option:
- Navigate to Setup > Integration > Manage Integrations > New
- Enter a name and description for the integration
- Under Token-based Authentication, un-check TOKEN-BASED AUTHENTICATION and TBA: AUTHORIZATION FLOW
- Under OAuth 2.0, ensure the following are checked:
- REST WEB SERVICES
- CLIENT CREDENTIALS (MACHINE TO MACHINE) GRANT
- Under SCOPE, enable REST WEB SERVICES
- After saving, copy the CONSUMER KEY — it will not be shown again in NetSuite
-
Generate Certificate and Private Key for JWT:
A private key and certificate are required for JWT-based authentication. Refer to the NetSuite documentation for more information on generating or importing certificates.
-
On the local machine, generate a valid certificate using OpenSSL:
openssl req -new -x509 -newkey rsa:4096 -keyout private.pem \
-sigopt rsa_padding_mode:pss -sha256 -sigopt rsa_pss_saltlen:64 \
-out public.pem -nodes -days 730This command will:
- Generate a new RSA 4096-bit key pair with PSS padding
- Create a self-signed X.509 certificate valid for 730 days (2 years)
- Output two files in the current directory:
private.pem- The private key (keep this secure)public.pem- The public certificate (upload to NetSuite)
The system will prompt to enter certificate details (country, organization, common name, etc.). Press Enter to skip these prompts, though providing values helps with tracking and identification.
-
The private.pem file contains the private key and must be kept secure. Never commit this file to version control, share it publicly, or store it in an unsecured location. Only the application should have access to this file.
-
Configure OAuth 2.0 Client (M2M) in NetSuite:
- Navigate to Setup > Integration > OAUTH 2.0 CLIENT (M2M) SETUP and select Create New
- Choose the appropriate Entity and Role
- Select the Application created in step 2
- For Certificate, upload the
public.pemfile generated in step 3 - After saving, NetSuite will generate a Certificate ID (a unique identifier in the format
custcertificate123). Copy this value — it is needed to configure the connection.
-
Assign Roles:
- Ensure that the entity used in the OAuth 2.0 Client setup has been assigned appropriate roles and permissions
Configure the Connection
When configuring the NetSuite OAuth 2.0 Client Credentials connection, enter the following values:
- Certificate ID: From the OAuth 2.0 Client (M2M) setup in step 4
- Private Key: The entire contents of the
private.pemfile from step 3. Copy the full file including the header and footer lines. Format example:-----BEGIN PRIVATE KEY-----
MIIJQwIBADANBgkqhkiG9w0BAQEFAASCCS0wggkpAgEAAoICAQC...
...key content here...
-----END PRIVATE KEY----- - Consumer Key (Client ID): From the integration created in step 2
- Token URL: The NetSuite account's token URL in the format:
https://[ACCOUNT_ID].suitetalk.api.netsuite.com/services/rest/auth/oauth2/v1/token- Replace
[ACCOUNT_ID]with the NetSuite account ID (found in Setup > Company > Company Information) - Example:
https://1234567.suitetalk.api.netsuite.com/services/rest/auth/oauth2/v1/token
- Replace
Verify Connection
Save the connection. The integration will authenticate to NetSuite using JWT-based client credentials. No user interaction is required, and credentials do not expire unless the certificate reaches its expiration date (730 days by default).
To test the connection, try running a simple action like Make Raw Request with a GET request to /services/rest/record/v1/metadata-catalog/ to verify the connection works correctly.
| Input | Notes | Example |
|---|---|---|
| Consumer Key (Client ID) | Generate a consumer key when you create your OAuth 2.0 app in NetSuite | example0000000000000000000000000aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa |
| Certificate ID (Key ID) | The key ID used for signing the JWT token. | zzP3z13fkaZsCcwCbmMpd5GvvPs9DTPIquAI83MnNx4 |
| Private Key for JWT | The private key used for signing the JWT token. | |
| Scopes | A space-delimited set of one or more scopes. This will always be rest_webservices | rest_webservices |
| Token URL | The OAuth 2.0 Token URL for NetSuite. Replace <ACCOUNT_ID> with your account ID, which can be found in your browser's URL bar when you log in to NetSuite - https://<ACCOUNT_ID>.app.netsuite.com/ | https://<ACCOUNT_ID>.suitetalk.api.netsuite.com/services/rest/auth/oauth2/v1/token |
Data Sources
Select Record
Select a record from a list of records | key: selectRecord | type: picklist
| Input | Notes | Example |
|---|---|---|
| Connection | ||
| Pagination Limit | Fetch only this many records at a time. | 100 |
| Pagination Offset | Fetch records offset by this value. | 100 |
| Query | Query to filter records by. See https://docs.oracle.com/en/cloud/saas/netsuite/ns-online-help/section_1545222128.html for details. | email START_WITH barbara |
| Record Field | Record Field to use as the label for the picklist. If unspecified, the record ID is used. | |
| Record Type | Record type to perform the action against. |
Select SuiteQL
Execute a SuiteQL Query to create a picklist | key: selectSuiteQl | type: picklist
| Input | Notes | Example |
|---|---|---|
| Connection | ||
| Key Field | Items returned field to use as the key for the picklist. | count |
| Label Field | Items returned field to use as the label for the picklist. | |
| Pagination Limit | Fetch only this many records at a time. | 100 |
| Pagination Offset | Fetch records offset by this value. | 100 |
| SuiteQL Payload | Data payload to send in the action request. See https://docs.oracle.com/en/cloud/saas/netsuite/ns-online-help/section_157909186990.html for details. |
Actions
Create Record
Create record of specified type | key: createRecord
| Input | Notes | Example |
|---|---|---|
| Connection | ||
| Debug | When true, enables additional logging information. | false |
| Payload | Data payload to send in the action request. See https://system.netsuite.com/help/helpcenter/en_US/APIs/REST_API_Browser/record/v1/2022.1/index.html for details. | |
| Record Type | Record type to perform the action against. |
{
"data": {
"data": {
"id": "12345",
"entityid": "CUST-001",
"companyname": "Acme Corporation",
"subsidiary": {
"id": "1",
"refName": "Parent Company"
},
"email": "contact@acmecorp.example.com",
"phone": "555-0123",
"isperson": false,
"salesRep": {
"id": "1047",
"refName": "John Sales"
},
"terms": {
"id": "5",
"refName": "Net 30"
},
"custentity_customer_type": {
"id": "3",
"refName": "Enterprise"
},
"billaddress": {
"addr1": "123 Main Street",
"addr2": "Suite 400",
"city": "San Francisco",
"state": "CA",
"zip": "94105",
"country": "US"
},
"shipaddress": {
"addr1": "123 Main Street",
"addr2": "Suite 400",
"city": "San Francisco",
"state": "CA",
"zip": "94105",
"country": "US"
},
"datecreated": "2024-10-20T15:30:00Z",
"lastmodified": "2024-10-20T15:30:00Z",
"recordType": "customer",
"links": [
{
"rel": "self",
"href": "/services/rest/record/v1/customer/12345"
}
]
},
"headers": {
"content-type": "application/json",
"location": "/services/rest/record/v1/customer/12345"
}
}
}
Delete Record
Delete record of the specified type | key: deleteRecord
| Input | Notes | Example |
|---|---|---|
| Connection | ||
| Debug | When true, enables additional logging information. | false |
| Record ID | The unique identifier of the record. | 12345 |
| Record Type | Record type to perform the action against. |
{
"data": {
"data": {
"status": "success",
"message": "Record deleted successfully",
"id": "12345"
},
"headers": {
"content-type": "application/json"
}
}
}
Get Record
Get record of specified type | key: getRecord
| Input | Notes | Example |
|---|---|---|
| Connection | ||
| Debug | When true, enables additional logging information. | false |
| Expand Sub-Resources | When true, automatically expands all sublists, sublist lines, and subrecords on this record. | false |
| Fields to Return | Specific fields and sublists to return in the request. If unspecified, the full record is returned. | ["email", "companyname", "subsidiary"] |
| Record ID | The unique identifier of the record. | 12345 |
| Record Type | Record type to perform the action against. | |
| Simple Enum Format | When true, returns enumeration values in a format that only shows the internal ID value. | false |
{
"data": {
"data": {
"id": "12345",
"entityid": "CUST-001",
"companyname": "Acme Corporation",
"subsidiary": {
"id": "1",
"refName": "Parent Company"
},
"email": "contact@acmecorp.example.com",
"phone": "555-0123",
"isperson": false,
"salesRep": {
"id": "1047",
"refName": "John Sales"
},
"terms": {
"id": "5",
"refName": "Net 30"
},
"custentity_customer_type": {
"id": "3",
"refName": "Enterprise"
},
"billaddress": {
"addr1": "123 Main Street",
"addr2": "Suite 400",
"city": "San Francisco",
"state": "CA",
"zip": "94105",
"country": "US"
},
"shipaddress": {
"addr1": "123 Main Street",
"addr2": "Suite 400",
"city": "San Francisco",
"state": "CA",
"zip": "94105",
"country": "US"
},
"datecreated": "2024-10-20T15:30:00Z",
"lastmodified": "2024-10-20T15:30:00Z",
"recordType": "customer",
"links": [
{
"rel": "self",
"href": "/services/rest/record/v1/customer/12345"
}
]
},
"headers": {
"content-type": "application/json",
"location": "/services/rest/record/v1/customer/12345"
}
}
}
List Records
List records of specified type | key: listRecord
| Input | Notes | Example |
|---|---|---|
| Connection | ||
| Debug | When true, enables additional logging information. | false |
| Pagination Limit | Fetch only this many records at a time. | 100 |
| Pagination Offset | Fetch records offset by this value. | 100 |
| Query | Query to filter records by. See https://docs.oracle.com/en/cloud/saas/netsuite/ns-online-help/section_1545222128.html for details. | email START_WITH barbara |
| Record Type | Record type to perform the action against. |
{
"data": {
"data": {
"count": 2,
"hasMore": true,
"items": [
{
"id": "12345",
"entityid": "CUST-001",
"companyname": "Acme Corporation",
"email": "contact@acmecorp.example.com",
"subsidiary": {
"id": "1",
"refName": "Parent Company"
},
"links": [
{
"rel": "self",
"href": "/services/rest/record/v1/customer/12345"
}
]
},
{
"id": "12346",
"entityid": "CUST-002",
"companyname": "Global Industries Ltd",
"email": "contact@globalindustries.example.com",
"subsidiary": {
"id": "1",
"refName": "Parent Company"
},
"links": [
{
"rel": "self",
"href": "/services/rest/record/v1/customer/12346"
}
]
}
],
"links": [
{
"rel": "next",
"href": "/services/rest/record/v1/customer?limit=2&offset=2"
}
]
},
"headers": {
"content-type": "application/json"
}
}
}
Raw Request
Send raw HTTP request to NetSuite | key: rawRequest
| Input | Notes | Example |
|---|---|---|
| Connection | ||
| Data | The HTTP body payload to send to the URL. | {"exampleKey": "Example Data"} |
| Debug Request | Enabling this flag will log out the current request. | false |
| File Data | File Data to be sent as a multipart form upload. | [{key: "example.txt", value: "My File Contents"}] |
| File Data File Names | File names to apply to the file data inputs. Keys must match the file data keys above. | |
| Form Data | The Form Data to be sent as a multipart form upload. | [{"key": "Example Key", "value": new Buffer("Hello World")}] |
| Header | A list of headers to send with the request. | User-Agent: curl/7.64.1 |
| Max Retry Count | The maximum number of retries to attempt. Specify 0 for no retries. | 0 |
| Method | The HTTP method to use. | |
| Query Parameter | A list of query parameters to send with the request. This is the portion at the end of the URL similar to ?key1=value1&key2=value2. | |
| Response Type | The type of data you expect in the response. You can request json, text, or binary data. | json |
| Retry On All Errors | If true, retries on all erroneous responses regardless of type. This is helpful when retrying after HTTP 429 or other 3xx or 4xx errors. Otherwise, only retries on HTTP 5xx and network errors. | false |
| Retry Delay (ms) | The delay in milliseconds between retries. This is used when 'Use Exponential Backoff' is disabled. | 0 |
| Service Type | The type of service to use. | record |
| Timeout | The maximum time that a client will await a response to its request | 2000 |
| URL | Input the path only (/contact), The base URL is already included (https://${accountId}.suitetalk.api.netsuite.com/services/rest/record/v1). For example, to connect to https://${accountId}.suitetalk.api.netsuite.com/services/rest/record/v1/contact, only /contact is entered in this field. | /contact |
| Use Exponential Backoff | Specifies whether to use a pre-defined exponential backoff strategy for retries. When enabled, 'Retry Delay (ms)' is ignored. | false |
{
"data": {
"data": {
"id": "12345",
"entityid": "CUST-001",
"companyname": "Acme Corporation",
"email": "contact@acmecorp.example.com",
"subsidiary": {
"id": "1",
"refName": "Parent Company"
},
"datecreated": "2024-10-20T15:30:00Z",
"lastmodified": "2024-10-20T15:30:00Z",
"links": [
{
"rel": "self",
"href": "/services/rest/record/v1/customer/12345"
}
]
},
"headers": {
"content-type": "application/json"
}
}
}
SuiteQL Query
Execute a SuiteQL Query through Netsuite's REST Web Service | key: suiteQLQuery
| Input | Notes | Example |
|---|---|---|
| Connection | ||
| Debug | When true, enables additional logging information. | false |
| Pagination Limit | Fetch only this many records at a time. | 100 |
| Pagination Offset | Fetch records offset by this value. | 100 |
| SuiteQL Payload | Data payload to send in the action request. See https://docs.oracle.com/en/cloud/saas/netsuite/ns-online-help/section_157909186990.html for details. |
{
"data": {
"data": {
"count": 2,
"hasMore": false,
"items": [
{
"id": "12345",
"entityid": "CUST-001",
"companyname": "Acme Corporation",
"email": "contact@acmecorp.example.com",
"datecreated": "2024-10-20"
},
{
"id": "12346",
"entityid": "CUST-002",
"companyname": "Global Industries Ltd",
"email": "contact@globalindustries.example.com",
"datecreated": "2024-10-15"
}
],
"links": [
{
"rel": "self",
"href": "/services/rest/query/v1/suiteql"
}
]
},
"headers": {
"content-type": "application/json"
}
}
}
Update Record
Update record of the specified type | key: updateRecord
| Input | Notes | Example |
|---|---|---|
| Connection | ||
| Debug | When true, enables additional logging information. | false |
| Record ID | The unique identifier of the record. | 12345 |
| Payload | Data payload to send in the action request. See https://system.netsuite.com/help/helpcenter/en_US/APIs/REST_API_Browser/record/v1/2022.1/index.html for details. | |
| Record Type | Record type to perform the action against. | |
| Replace | Names of sublists on this record. All specified sublists will be replaced instead of added to. | ["itemList", "addressbookList"] |
| Replace Selected Fields | When true, deletes all fields, including body fields, specified in the Replace input. | false |
{
"data": {
"data": {
"id": "12345",
"entityid": "CUST-001",
"companyname": "Acme Corporation Inc.",
"subsidiary": {
"id": "1",
"refName": "Parent Company"
},
"email": "info@acmecorp.example.com",
"phone": "555-0123",
"isperson": false,
"salesRep": {
"id": "1047",
"refName": "John Sales"
},
"terms": {
"id": "5",
"refName": "Net 30"
},
"custentity_customer_type": {
"id": "3",
"refName": "Enterprise"
},
"billaddress": {
"addr1": "123 Main Street",
"addr2": "Suite 400",
"city": "San Francisco",
"state": "CA",
"zip": "94105",
"country": "US"
},
"shipaddress": {
"addr1": "123 Main Street",
"addr2": "Suite 400",
"city": "San Francisco",
"state": "CA",
"zip": "94105",
"country": "US"
},
"datecreated": "2024-10-20T15:30:00Z",
"lastmodified": "2024-10-20T16:45:00Z",
"recordType": "customer",
"links": [
{
"rel": "self",
"href": "/services/rest/record/v1/customer/12345"
}
]
},
"headers": {
"content-type": "application/json",
"location": "/services/rest/record/v1/customer/12345"
}
}
}