Oracle NetSuite Component
Manage records and execute queries in Oracle NetSuite.
Component key: netsuite
Description
Oracle NetSuite is a unified business management suite, encompassing ERP/Financials, CRM and ecommerce. This component allows you to create, read, update, delete, and list records in NetSuite, as well as execute SuiteQL queries.
API Documentation
This component was built using the following API References currently utilizing REST API v1:
For more details refer to NetSuite's API documentation.
Connections
NetSuite OAuth Auth Code
key: oauthTo connect to NetSuite using OAuth 2.0 Authorization Code flow, create an OAuth 2.0 application in NetSuite with authorization code grant enabled.
Refer to NetSuite's OAuth 2.0 documentation for additional details.
Tokens retrieved using NetSuite's OAuth 2.0 Auth Code flow expire after 7 days and cannot be refreshed. This requires users to re-authenticate every 7 days, which is not a good user experience. We recommend using the OAuth 2.0 Client Credentials flow instead.
Prerequisites
- NetSuite administrator access
- SuiteTalk enabled in the NetSuite account
Setup Steps
-
Enable SuiteTalk:
- Navigate to Setup > Company > Enable Features
- Under the Suite Cloud tab, ensure REST WEB SERVICES and OAUTH 2.0 are both checked
-
Create an OAuth 2.0 Application:
- Navigate to Setup > Integration > Manage Integrations > New
- Enter a name and description for the integration
- Under Token-based Authentication, un-check TOKEN-BASED AUTHENTICATION and TBA: AUTHORIZATION FLOW
- Under OAuth 2.0, ensure the following are checked:
- AUTHORIZATION CODE GRANT
- REST WEB SERVICES
- Under SCOPE, enable REST WEB SERVICES
- Set the REDIRECT URI to:
https://oauth2.prismatic.io/callback - After saving, copy the CONSUMER KEY and CONSUMER SECRET
-
Configure OAuth 2.0 Roles:
- Ensure that users who will authenticate via OAuth have been assigned a proper role with appropriate permissions
Configure the Connection
- Enter the Consumer Key (Client ID) and Consumer Secret (Client Secret) from the NetSuite integration
- Token URL: Enter the NetSuite account's token URL in the format:
https://[ACCOUNT_ID].suitetalk.api.netsuite.com/services/rest/auth/oauth2/v1/token- Replace
[ACCOUNT_ID]with the NetSuite account ID (found in Setup > Company > Company Information) - Example:
https://1234567.suitetalk.api.netsuite.com/services/rest/auth/oauth2/v1/token
- Replace
Verify Connection
Save the connection to authenticate with NetSuite. Users will be redirected to NetSuite to authorize access.
Tokens expire after 7 days and cannot be refreshed. Users will need to re-authenticate every 7 days by opening the connection configuration and re-authorizing.
| Input | Notes | Example |
|---|---|---|
| Authorize URL | The OAuth 2.0 Authorization URL for NetSuite. | https://system.netsuite.com/app/login/oauth2/authorize.nl |
| Consumer Key (Client ID) | The consumer key generated when you create your OAuth 2.0 application in NetSuite. Navigate to Setup > Company > Enable Features > SuiteCloud > Manage Authentication to create an application. | a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6q7r8s9t0u1v2w3x4y5z6a7b8c9d0e1f2 |
| Consumer Secret (Client Secret) | The consumer secret generated when you create your OAuth 2.0 application in NetSuite. Navigate to Setup > Company > Enable Features > SuiteCloud > Manage Authentication to create an application. | z9y8x7w6v5u4t3s2r1q0p9o8n7m6l5k4j3i2h1g0f9e8d7c6b5a4z3y2x1w0v9u8 |
| Scopes | A space-delimited set of one or more scopes. This will always be rest_webservices | rest_webservices |
| Token URL | The OAuth 2.0 Token URL for NetSuite. Replace <ACCOUNT_ID> with your NetSuite account ID, which can be found in your browser's URL bar when you log in: https://<ACCOUNT_ID>.app.netsuite.com/ | https://<ACCOUNT_ID>.suitetalk.api.netsuite.com/services/rest/auth/oauth2/v1/token |
Netsuite OAuth Client Credentials
key: oauthClientCredentialsTo connect to NetSuite using OAuth 2.0 Client Credentials, configure an OAuth 2.0 application with the Client Credentials (M2M) grant in NetSuite.
This authentication method is recommended for server-to-server integrations and provides a better user experience than the Authorization Code flow, as credentials do not expire and require no user re-authentication.
Refer to NetSuite's OAuth Client Credentials documentation for additional details.
Prerequisites
- NetSuite administrator access
- SuiteTalk enabled in the NetSuite account
- OpenSSL installed on the local machine (for certificate generation)
Setup Steps
-
Enable SuiteTalk:
- Navigate to Setup > Company > Enable Features
- Under the Suite Cloud tab, ensure both REST WEB SERVICES and OAUTH 2.0 are checked
-
Create an OAuth 2.0 Application with JWT Option:
- Navigate to Setup > Integration > Manage Integrations > New
- Enter a name and description for the integration
- Under Token-based Authentication, un-check TOKEN-BASED AUTHENTICATION and TBA: AUTHORIZATION FLOW
- Under OAuth 2.0, ensure the following are checked:
- REST WEB SERVICES
- CLIENT CREDENTIALS (MACHINE TO MACHINE) GRANT
- Under SCOPE, enable REST WEB SERVICES
- After saving, copy the CONSUMER KEY — it will not be shown again in NetSuite
-
Generate Certificate and Private Key for JWT:
A private key and certificate are required for JWT-based authentication. Refer to the NetSuite documentation for more information on generating or importing certificates.
-
On the local machine, generate a valid certificate using OpenSSL:
openssl req -new -x509 -newkey rsa:4096 -keyout private.pem \
-sigopt rsa_padding_mode:pss -sha256 -sigopt rsa_pss_saltlen:64 \
-out public.pem -nodes -days 730This command will:
- Generate a new RSA 4096-bit key pair with PSS padding
- Create a self-signed X.509 certificate valid for 730 days (2 years)
- Output two files in the current directory:
private.pem- The private key (keep this secure)public.pem- The public certificate (upload to NetSuite)
The system will prompt to enter certificate details (country, organization, common name, etc.). Press Enter to skip these prompts, though providing values helps with tracking and identification.
-
The private.pem file contains the private key and must be kept secure. Never commit this file to version control, share it publicly, or store it in an unsecured location. Only the application should have access to this file.
-
Configure OAuth 2.0 Client (M2M) in NetSuite:
- Navigate to Setup > Integration > OAUTH 2.0 CLIENT (M2M) SETUP and select Create New
- Choose the appropriate Entity and Role
- Select the Application created in step 2
- For Certificate, upload the
public.pemfile generated in step 3 - After saving, NetSuite will generate a Certificate ID (a unique identifier). Copy this value — it is needed to configure the connection. The Certificate ID will be a string similar to
zzP3z13fkaZsCcwCbmMpd5GvvPs9DTPIquAI83MnNx4.
-
Assign Roles:
- Ensure that the entity used in the OAuth 2.0 Client setup has been assigned appropriate roles and permissions
Configure the Connection
When configuring the NetSuite OAuth 2.0 Client Credentials connection, enter the following values:
- Certificate ID: From the OAuth 2.0 Client (M2M) setup in step 4
- Private Key: The entire contents of the
private.pemfile from step 3. Copy the full file including the header and footer lines. Format example:-----BEGIN PRIVATE KEY-----
MIIJQwIBADANBgkqhkiG9w0BAQEFAASCCS0wggkpAgEAAoICAQC...
...key content here...
-----END PRIVATE KEY----- - Consumer Key (Client ID): From the integration created in step 2
- Token URL: The NetSuite account's token URL in the format:
https://[ACCOUNT_ID].suitetalk.api.netsuite.com/services/rest/auth/oauth2/v1/token- Replace
[ACCOUNT_ID]with the NetSuite account ID (found in Setup > Company > Company Information) - Example:
https://1234567.suitetalk.api.netsuite.com/services/rest/auth/oauth2/v1/token
- Replace
| Input | Notes | Example |
|---|---|---|
| Consumer Key (Client ID) | The consumer key generated when you create your OAuth 2.0 application in NetSuite. Navigate to Setup > Company > Enable Features > SuiteCloud > Manage Authentication to create an application. | a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6q7r8s9t0u1v2w3x4y5z6a7b8c9d0e1f2 |
| Certificate ID (Key ID) | The certificate ID (key ID) from your NetSuite certificate, used for signing the JWT token. Found in Setup > Company > Company Information > Certificates. | a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6q7r8s9t0 |
| Private Key for JWT | The private key (RSA or EC format) used for signing the JWT token. This is the private key corresponding to your NetSuite certificate. Include the full key with BEGIN/END markers. | |
| Scopes | A space-delimited set of one or more scopes. This will always be rest_webservices | rest_webservices |
| Token URL | The OAuth 2.0 Token URL for NetSuite. Replace <ACCOUNT_ID> with your NetSuite account ID, which can be found in your browser's URL bar when you log in: https://<ACCOUNT_ID>.app.netsuite.com/ | https://<ACCOUNT_ID>.suitetalk.api.netsuite.com/services/rest/auth/oauth2/v1/token |
Triggers
New and Updated Records
Checks for new and updated records in a selected NetSuite record type on a configured schedule. | key: pollRecords
| Input | Notes | Example |
|---|---|---|
| Additional Filter | Additional WHERE clause conditions to append to the polling query. Do not include 'AND' prefix - it will be added automatically. See Record Collection Filtering for query syntax. | isinactive = 'F' |
| Connection | The NetSuite connection to use. | |
| Record Type | Record type to perform the action against. | |
| Show New Records | When true, includes new records in the results. | true |
| Show Updated Records | When true, includes updated records in the results. | true |
The New or Updated Records trigger checks for new and updated records in NetSuite based on the lastmodifieddate field on a configured schedule.
For more information on NetSuite REST API filtering, see Record Collection Filtering and Searching by lastModifiedDate.
How It Works
- Run on the configured schedule (e.g., every 5 minutes)
- Query records using the REST API Record Service with a filter on
lastmodifieddate - Fetch all matching records using automatic pagination (1,000 records per page)
- Return both new and updated records that have been modified since the last poll
- Maintain state to track the last poll time automatically
On the first run, the trigger sets the poll timestamp to the current time and returns all matching records. Subsequent runs detect records created or modified after that timestamp.
Configuration
- Connection: NetSuite OAuth 2.0 or OAuth 2.0 Client Credentials connection
- Record Type: The type of NetSuite record to monitor (e.g., customer, invoice, salesOrder, contact)
- Additional Filter: Optional WHERE clause conditions to append to the query (without 'AND' prefix)
The trigger uses a query in the format: lastmodifieddate AFTER {lastPolledAt} and appends any additional filter conditions specified.
Example Additional Filters:
isinactive = 'F'- Only active recordssubsidiary.id = '2'- Records from a specific subsidiaryemail IS NOT NULL- Records with email addresses
See Record Collection Filtering documentation for complete filter syntax.
Returned Data
The trigger returns all records that have been created or modified since the last poll. When no changes are detected, returns an empty array and sets polledNoChanges to true.
View example response
{
"data": {
"totalRecords": 2,
"recordType": "customer",
"records": [
{
"id": "456",
"entityid": "CUST-001",
"companyname": "Acme Corporation",
"email": "contact@acmecorp.example.com",
"phone": "555-0123",
"lastmodifieddate": "2026-01-23T10:30:00.000Z",
"datecreated": "2026-01-23T10:30:00.000Z",
"subsidiary": {
"id": "1",
"refName": "Parent Company"
}
},
{
"id": "457",
"entityid": "CUST-002",
"companyname": "Global Tech Inc",
"email": "info@globaltech.example.com",
"phone": "555-0456",
"lastmodifieddate": "2026-01-23T10:35:00.000Z",
"datecreated": "2026-01-22T14:20:00.000Z",
"subsidiary": {
"id": "1",
"refName": "Parent Company"
}
}
]
}
}
Data Sources
Select Record
Select a record from a list of records | key: selectRecord | type: picklist
| Input | Notes | Example |
|---|---|---|
| Connection | The NetSuite connection to use. | |
| Pagination Limit | The maximum number of records to fetch per page. See Record Collection Filtering for details. | 1000 |
| Pagination Offset | The number of records to skip before starting to fetch results. Used for pagination. | 0 |
| Query | Query string to filter records. Use operators like START_WITH, EQUAL, CONTAIN. See Record Collection Filtering for details. | email START_WITH barbara |
| Record Field | The record field to use as the label for the picklist. If unspecified, the record ID is used. | |
| Record Type | Record type to perform the action against. |
Select SuiteQL
Execute a SuiteQL Query to create a picklist | key: selectSuiteQl | type: picklist
| Input | Notes | Example |
|---|---|---|
| Connection | The NetSuite connection to use. | |
| Key Field | The field name from returned items to use as the key for the picklist. | id |
| Label Field | The field name from returned items to use as the label for the picklist. | |
| Pagination Limit | The maximum number of records to fetch per page. See Record Collection Filtering for details. | 1000 |
| Pagination Offset | The number of records to skip before starting to fetch results. Used for pagination. | 0 |
| SuiteQL Payload | SuiteQL query string to execute. See Executing SuiteQL Queries for details. |
Actions
Create Record
Create record of specified type | key: createRecord
| Input | Notes | Example |
|---|---|---|
| Connection | The NetSuite connection to use. | |
| Payload | Data payload to send in the action request. See REST API Browser for details. | |
| Record Type | Record type to perform the action against. |
{
"data": {
"data": {
"id": "12345",
"entityid": "CUST-001",
"companyname": "Acme Corporation",
"subsidiary": {
"id": "1",
"refName": "Parent Company"
},
"email": "contact@acmecorp.example.com",
"phone": "555-0123",
"isperson": false,
"salesRep": {
"id": "1047",
"refName": "John Sales"
},
"terms": {
"id": "5",
"refName": "Net 30"
},
"custentity_customer_type": {
"id": "3",
"refName": "Enterprise"
},
"billaddress": {
"addr1": "123 Main Street",
"addr2": "Suite 400",
"city": "San Francisco",
"state": "CA",
"zip": "94105",
"country": "US"
},
"shipaddress": {
"addr1": "123 Main Street",
"addr2": "Suite 400",
"city": "San Francisco",
"state": "CA",
"zip": "94105",
"country": "US"
},
"datecreated": "2024-10-20T15:30:00Z",
"lastmodified": "2024-10-20T15:30:00Z",
"recordType": "customer",
"links": [
{
"rel": "self",
"href": "/services/rest/record/v1/customer/12345"
}
]
},
"headers": {
"content-type": "application/json",
"location": "/services/rest/record/v1/customer/12345"
}
}
}
Delete Record
Delete record of the specified type | key: deleteRecord
| Input | Notes | Example |
|---|---|---|
| Connection | The NetSuite connection to use. | |
| Record ID | The internal ID of the record. For external IDs, use the format 'eid:YOUR_EXTERNAL_ID'. See Getting a Record Instance for details. | 107 |
| Record Type | Record type to perform the action against. |
{
"data": {
"data": {
"status": "success",
"message": "Record deleted successfully",
"id": "12345"
},
"headers": {
"content-type": "application/json"
}
}
}
Get Record
Get record of specified type | key: getRecord
| Input | Notes | Example |
|---|---|---|
| Connection | The NetSuite connection to use. | |
| Expand Sub-Resources | When true, automatically expands all sublists, sublist lines, and subrecords on this record. | false |
| Fields to Return | Specific fields and sublists to return in the request. If unspecified, the full record is returned. | ["email", "companyname", "subsidiary"] |
| Record ID | The internal ID of the record. For external IDs, use the format 'eid:YOUR_EXTERNAL_ID'. See Getting a Record Instance for details. | 107 |
| Record Type | Record type to perform the action against. | |
| Simple Enum Format | When true, returns enumeration values in a format that only shows the internal ID value. | false |
{
"data": {
"data": {
"id": "12345",
"entityid": "CUST-001",
"companyname": "Acme Corporation",
"subsidiary": {
"id": "1",
"refName": "Parent Company"
},
"email": "contact@acmecorp.example.com",
"phone": "555-0123",
"isperson": false,
"salesRep": {
"id": "1047",
"refName": "John Sales"
},
"terms": {
"id": "5",
"refName": "Net 30"
},
"custentity_customer_type": {
"id": "3",
"refName": "Enterprise"
},
"billaddress": {
"addr1": "123 Main Street",
"addr2": "Suite 400",
"city": "San Francisco",
"state": "CA",
"zip": "94105",
"country": "US"
},
"shipaddress": {
"addr1": "123 Main Street",
"addr2": "Suite 400",
"city": "San Francisco",
"state": "CA",
"zip": "94105",
"country": "US"
},
"datecreated": "2024-10-20T15:30:00Z",
"lastmodified": "2024-10-20T15:30:00Z",
"recordType": "customer",
"links": [
{
"rel": "self",
"href": "/services/rest/record/v1/customer/12345"
}
]
},
"headers": {
"content-type": "application/json",
"location": "/services/rest/record/v1/customer/12345"
}
}
}
List Records
List records of specified type | key: listRecord
| Input | Notes | Example |
|---|---|---|
| Connection | The NetSuite connection to use. | |
| Pagination Limit | The maximum number of records to fetch per page. See Record Collection Filtering for details. | 1000 |
| Pagination Offset | The number of records to skip before starting to fetch results. Used for pagination. | 0 |
| Query | Query string to filter records. Use operators like START_WITH, EQUAL, CONTAIN. See Record Collection Filtering for details. | email START_WITH barbara |
| Record Type | Record type to perform the action against. |
{
"data": {
"data": {
"count": 2,
"hasMore": true,
"items": [
{
"id": "12345",
"entityid": "CUST-001",
"companyname": "Acme Corporation",
"email": "contact@acmecorp.example.com",
"subsidiary": {
"id": "1",
"refName": "Parent Company"
},
"links": [
{
"rel": "self",
"href": "/services/rest/record/v1/customer/12345"
}
]
},
{
"id": "12346",
"entityid": "CUST-002",
"companyname": "Global Industries Ltd",
"email": "contact@globalindustries.example.com",
"subsidiary": {
"id": "1",
"refName": "Parent Company"
},
"links": [
{
"rel": "self",
"href": "/services/rest/record/v1/customer/12346"
}
]
}
],
"links": [
{
"rel": "next",
"href": "/services/rest/record/v1/customer?limit=2&offset=2"
}
]
},
"headers": {
"content-type": "application/json"
}
}
}
Raw Request
Send raw HTTP request to NetSuite | key: rawRequest
| Input | Notes | Example |
|---|---|---|
| Connection | The NetSuite connection to use. | |
| Data | The HTTP body payload to send to the URL. | {"exampleKey": "Example Data"} |
| Debug Request | Enabling this flag will log out the current request. | false |
| File Data | File Data to be sent as a multipart form upload. | [{key: "example.txt", value: "My File Contents"}] |
| File Data File Names | File names to apply to the file data inputs. Keys must match the file data keys above. | |
| Form Data | The Form Data to be sent as a multipart form upload. | [{"key": "Example Key", "value": new Buffer("Hello World")}] |
| Header | A list of headers to send with the request. | User-Agent: curl/7.64.1 |
| Max Retry Count | The maximum number of retries to attempt. Specify 0 for no retries. | 0 |
| Method | The HTTP method to use. | |
| Query Parameter | A list of query parameters to send with the request. This is the portion at the end of the URL similar to ?key1=value1&key2=value2. | |
| Response Type | The type of data you expect in the response. You can request json, text, or binary data. | json |
| Retry On All Errors | If true, retries on all erroneous responses regardless of type. This is helpful when retrying after HTTP 429 or other 3xx or 4xx errors. Otherwise, only retries on HTTP 5xx and network errors. | false |
| Retry Delay (ms) | The delay in milliseconds between retries. This is used when 'Use Exponential Backoff' is disabled. | 0 |
| Service Type | The type of service to use. | record |
| Timeout | The maximum time that a client will await a response to its request | 2000 |
| URL | Input the path only (/contact), The base URL is already included (https://{accountId}.suitetalk.api.netsuite.com/services/rest/record/v1). For example, to connect to https://{accountId}.suitetalk.api.netsuite.com/services/rest/record/v1/contact, only /contact is entered in this field. | /contact |
| Use Exponential Backoff | Specifies whether to use a pre-defined exponential backoff strategy for retries. When enabled, 'Retry Delay (ms)' is ignored. | false |
{
"data": {
"data": {
"id": "12345",
"entityid": "CUST-001",
"companyname": "Acme Corporation",
"email": "contact@acmecorp.example.com",
"subsidiary": {
"id": "1",
"refName": "Parent Company"
},
"datecreated": "2024-10-20T15:30:00Z",
"lastmodified": "2024-10-20T15:30:00Z",
"links": [
{
"rel": "self",
"href": "/services/rest/record/v1/customer/12345"
}
]
},
"headers": {
"content-type": "application/json"
}
}
}
SuiteQL Query
Execute a SuiteQL Query through Netsuite's REST Web Service | key: suiteQLQuery
| Input | Notes | Example |
|---|---|---|
| Connection | The NetSuite connection to use. | |
| Pagination Limit | The maximum number of records to fetch per page. See Record Collection Filtering for details. | 1000 |
| Pagination Offset | The number of records to skip before starting to fetch results. Used for pagination. | 0 |
| SuiteQL Payload | SuiteQL query string to execute. See Executing SuiteQL Queries for details. |
{
"data": {
"data": {
"count": 2,
"hasMore": false,
"items": [
{
"id": "12345",
"entityid": "CUST-001",
"companyname": "Acme Corporation",
"email": "contact@acmecorp.example.com",
"datecreated": "2024-10-20"
},
{
"id": "12346",
"entityid": "CUST-002",
"companyname": "Global Industries Ltd",
"email": "contact@globalindustries.example.com",
"datecreated": "2024-10-15"
}
],
"links": [
{
"rel": "self",
"href": "/services/rest/query/v1/suiteql"
}
]
},
"headers": {
"content-type": "application/json"
}
}
}
Update Record
Update record of the specified type | key: updateRecord
| Input | Notes | Example |
|---|---|---|
| Connection | The NetSuite connection to use. | |
| Record ID | The internal ID of the record. For external IDs, use the format 'eid:YOUR_EXTERNAL_ID'. See Getting a Record Instance for details. | 107 |
| Payload | Data payload to send in the action request. See REST API Browser for details. | |
| Record Type | Record type to perform the action against. | |
| Replace | Names of sublists on this record. All specified sublists will be replaced instead of added to. | ["itemList", "addressbookList"] |
| Replace Selected Fields | When true, deletes all fields, including body fields, specified in the Replace input. | false |
{
"data": {
"data": {
"id": "12345",
"entityid": "CUST-001",
"companyname": "Acme Corporation Inc.",
"subsidiary": {
"id": "1",
"refName": "Parent Company"
},
"email": "info@acmecorp.example.com",
"phone": "555-0123",
"isperson": false,
"salesRep": {
"id": "1047",
"refName": "John Sales"
},
"terms": {
"id": "5",
"refName": "Net 30"
},
"custentity_customer_type": {
"id": "3",
"refName": "Enterprise"
},
"billaddress": {
"addr1": "123 Main Street",
"addr2": "Suite 400",
"city": "San Francisco",
"state": "CA",
"zip": "94105",
"country": "US"
},
"shipaddress": {
"addr1": "123 Main Street",
"addr2": "Suite 400",
"city": "San Francisco",
"state": "CA",
"zip": "94105",
"country": "US"
},
"datecreated": "2024-10-20T15:30:00Z",
"lastmodified": "2024-10-20T16:45:00Z",
"recordType": "customer",
"links": [
{
"rel": "self",
"href": "/services/rest/record/v1/customer/12345"
}
]
},
"headers": {
"content-type": "application/json",
"location": "/services/rest/record/v1/customer/12345"
}
}
}
Changelog
2026-01-23
Added New and Updated Records polling trigger to monitor for new and updated records with support for record type filtering and additional query conditions. Includes toggle controls to filter for only new records, only updated records, or both.
Added component-wide global debug support, replacing per-action debug inputs for streamlined configuration.
2025-10-28
Enhanced record management actions to include response headers for improved API metadata access and debugging
2025-10-20
Added comprehensive example payloads for all actions to enhance integration development and documentation