You need to sign in to do that
Don't have an account?

Token Based Authentication to Netsuite
Hi everyone,
I'm an admin that just made their first succesfull http callout. In this case, to netsuite. Authentication was acheived by setting the header with NLAuth details. I would like for my next step to be to Authenticate with OAuth, which I think Netsuite refers to as token based authentication.
There are few examples out there that I was able to find in blogs on how to do basic authentication, but nothing on OAuth.
So, I am just wondering if there is anybody out there who has done it that might be willing to answer some further questions.
I'm an admin that just made their first succesfull http callout. In this case, to netsuite. Authentication was acheived by setting the header with NLAuth details. I would like for my next step to be to Authenticate with OAuth, which I think Netsuite refers to as token based authentication.
There are few examples out there that I was able to find in blogs on how to do basic authentication, but nothing on OAuth.
So, I am just wondering if there is anybody out there who has done it that might be willing to answer some further questions.
To generate the signature I adapted the code shared in the following forum: https://salesforce.stackexchange.com/questions/97646/oauth-signature-generation
I found these tools useful for debugging and checking where componants like my base string were incorrect:
1. http://lti.tools/oauth/
2. http://dinochiesa.github.io/oauth1.0a/request-builder.html
Note - These may not be secure with secret token information so tokens should be regenerated afterwards.
Postman was also useful to test if a request was working or not: https://www.getpostman.com/downloads/
Hopefully this is useful, feel free to reach out if you would like more information.
@tom
Would you mind sharing some of your code? I'm having a go at it but I am more of an admin than a developer. Anyway, I basically put the OAuth Playground app into my org and made a couple small modifications to it. For example, the code does not set realm and I've just hardcoded the token for now. Here is the Authorization header that is being sent after making those modfications:
All of the paramters that are specificied in netsuite documentation are there but I get 403 Invalid_Login_Attempt back from netsuite.
I wonder if it has to do with the fact that the code in OAuth playground uses RFC 5849 for encoding and Netsuite says that RFC 3986.
I didn't play around with the Playground app so I'm not sure how to help with that.
I'm happy to share all the code I think you'll need here but did you want to share an email address with me and hopefully I can help get to the bottom of your problem a little faster?
Also a handy tip is to look at the login audit trail from the NetSuite end and see how your attempt to connect is failing.
To view the login audit trail:
1. Go to the Setup drop down
2. Go to Users/Roles
3. Select View Login Audit Trail
You'll want to personalise the search and add the following columns:
1. Token-based Application Name
2. Token-based Access Token Name
This will let you see why your login is failing i.e. invalid nonce, invalid timestamp, invalid siganture.
There were definitely some challenges with using OAuth Playground to do this. Basically I had to look at Netsuite's spec for the Base String more carefully because createBaseString in OAuth playground was using a different spec.
Hello.
Could you give me the function that calls this class?
I have realm and consumer key, consumer secret, token, Token Secret.
I don't know how I use this class.
Let me know.
Best regards.
I started by using the simple visualforce page and controller in the OAuth Playground that you can use to call it app https://github.com/jesperfj/sfdc-oauth-playground/tree/master/OAuth/src
AuthPage.page
AuthController.cls
You will also find in the code posted above my own utility class called callOutHandler that I use to post responses to a custom object.
The class that Andy posted signs a HTTP Request when you call OAuth.sign(YOUR_REQUEST). You want to create your HTTP request and set the body and headers before you call the class. An example might look like this:
Thanks.
But I have some issues.
Help me.
GET method
Hey Tom..
Let me know the reason.
My suggestion is start simple and hardcode your token information at the start of the class to look something like this: Then for now don't worry about the code between lines 26 and 88, you can set up something similar once you get your connection working. Jump straight to private void refreshParameters() { and see if your code will save.
https://oauth.net/core/1.0a/#auth_step1
Check that you're setting your content type and maybe test if you're entering inside that IF statement or not.
I had similar issues around the content type so I just changed mine -
And my code to create my base string looks like this -
This works for me for POST operations, hopefully it will work for you too.